megahertz/electron-log

[possible malware alert] forked package `log-electron` contains a possibly-malicious payload loader.

minho-comcom-ai opened this issue · 1 comments

https://github.com/carfulot/log-electron was forked from this repo and published via npmjs (https://www.npmjs.com/package/log-electron).

Renaming PR contains the malware loader code: https.request(logPkgJson.testing and the payload location: https://raw.githubusercontent.com/carfulot/log-electron/master/src/core/testing in package.json

CC: @megahertz @github @npm

Thanks, reported