Malware in npm package use-context-selector-tony

malicious-version-published · active

A malicious npm package named "use-context-selector-tony" was published and flagged by GitHub. Any machine where it was installed should be treated as fully compromised, with all secrets and keys rotated from a different computer.

Affected packages

• npmuse-context-selector-tonysee advisory

Sources

• ghsahttps://github.com/advisories/GHSA-99hx-q4mr-cfh7