Malware in npm package ecto-nightly-spirit
malicious-version-published · active
The npm package ecto-nightly-spirit has been identified as malware. Any system where it was installed should be considered fully compromised, and all secrets and keys on that machine should be rotated immediately from a different, clean computer.
Affected packages
- npmecto-nightly-spirit