electron-log [possible malware alert] forked package `log-electron` contains a possibly-malicious payload loader.

[possible malware alert] forked package `log-electron` contains a possibly-malicious payload loader.

Open minho-comcom-ai opened this issue 2 months ago • 1 comments

https://github.com/carfulot/log-electron was forked from this repo and published via npmjs (https://www.npmjs.com/package/log-electron).

Renaming PR contains the malware loader code: https.request(logPkgJson.testing and the payload location: https://raw.githubusercontent.com/carfulot/log-electron/master/src/core/testing in package.json

CC: @megahertz @github @npm

May 28 '24 11:05 minho-comcom-ai

electron-log electron-log copied to clipboard

[possible malware alert] forked package `log-electron` contains a possibly-malicious payload loader.

electron-log
electron-log copied to clipboard

[possible malware alert] forked package `log-electron` contains a possibly-malicious payload loader.