Advisories for Npm/1337qq-Js package

2020

Malicious Package

All versions of 1337qq-js contain malicious code. The package exfiltrates sensitive information through install scripts. It targets UNIX systems. The information exfiltrated includes: Environment variables Running processes /etc/hosts uname -a npmrc file Remove the package from your system and rotate any compromised credentials.