Malware in npm package ecto-rust-read-f3a9c1

malicious-version-published · active

The npm package ecto-rust-read-f3a9c1 has been identified as malware. Any system where it was installed or run should be considered fully compromised, and all secrets and keys on that system should be rotated immediately from a different machine.

Affected packages

• npmecto-rust-read-f3a9c1see advisory

Sources

• ghsahttps://github.com/advisories/GHSA-9h8h-37p7-873r