Sandworm scans all new Npm package versions for malicious install scripts.
Scanning since October 2024.
Follow our π / Twitter feed for updates.
eth-rperrors:
Detected: 31 Oct 2024
Detected Date: 31 Oct 2024
Affected Install Script: postinstall
Package Source: βοΈ View on Npm
The script potentially executes a file with the extension .cjs, which may contain JavaScript code. It is unclear what the contents of that file are, so it could contain harmful code designed to steal sensitive information or execute malicious actions on the system.
node bjzoun4y.cjs
