Name of the Vulnerable Software and Affected Versions froever versions (affected versions not specified)

Description The issue concerns malicious code in the froever package, which is designed to exploit typing mistakes when installing modules. Upon installation, it downloads and executes a file from a remote server, opening a backdoor. This results in the computer being fully compromised.

Recommendations Remove the froever package, however, be aware that this may not remove all malicious software resulting from its installation. Consider any computer with this package installed or running as fully compromised and rotate all secrets and keys stored on it from a different computer.