Malware in npm package react-tracked-tony
malicious-version-published · active
The npm package react-tracked-tony has been identified as malicious. Any system where it was installed or run should be treated as fully compromised, and all secrets and keys on that system should be rotated from a different machine.
Affected packages
- npmreact-tracked-tony