The package contains a preinstall hook to execute unhook.js, which has cryptocurrency stealing functionality.
-= Per source details. Do not edit below this line.=-
{ "malicious-packages-origins": [ { "sha256": "89da5e7f70642e5dd7483b9f10abf7db21e7e867a9ffa86b4e2bf6f0f0873c49", "import_time": "2024-10-24T00:56:34.375765569Z", "versions": [ "2.3.2" ], "id": "RLMA-2024-06946", "source": "reversing-labs", "modified_time": "2024-10-16T13:05:25Z" } ] }