Sandworm scans all new Npm package versions for malicious install scripts.
Scanning since October 2024.
Follow our π / Twitter feed for updates.
bigumner-js:
Detected: 31 Oct 2024
Detected Date: 31 Oct 2024
Affected Install Script: postinstall
Package Source: βοΈ View on Npm
The script runs a potentially malicious Node.js file (8nmwgned.cjs), which could contain harmful code that might steal sensitive information, gain unauthorized access, or execute malicious commands.
node 8nmwgned.cjs
