Malware in npm package martinez-polygon-clipping-tony

malicious-version-published · active

A malicious npm package named "martinez-polygon-clipping-tony" was published and flagged by GitHub Security Advisories. Any system that installed or ran this package should be considered fully compromised, and all secrets and keys stored on it should be rotated immediately from a clean computer.

Affected packages

• npmmartinez-polygon-clipping-tonysee advisory

Sources

• ghsahttps://github.com/advisories/GHSA-64jc-f3r5-gp74