This package contained malicious code. The package uploaded system information such as OS and hostname to a remote server.
Remove the package from your environment. There are no indications of further compromise.
Aug 31, 2020
Published to the GitHub Advisory Database
Sep 3, 2020
Jan 9, 2023