Advisories for Npm/Pizza-Pasta package

2020

Malicious Package

of pizza-pasta contains malicious code as a install scripts. The package created folders in the system's Desktop and downloaded an image from imgur.com. The package also printed the users SSH keys to the console. Remove the package from your environment. There are no evidences of further compromise.