Malware in npm package crypto-promise-js
malicious-version-published · active
The npm package crypto-promise-js was found to contain malware. Any system where it was installed or run should be considered fully compromised, and all secrets and keys on that system should be rotated immediately from a different, clean computer.
Affected packages
- npmcrypto-promise-js