Name of the Vulnerable Software and Affected Versions comander versions (affected versions not specified)

Description The issue concerns malicious code in the comander package, which is designed to exploit users' typing mistakes when installing modules. Upon installation, the package attempts to initiate a cryptocurrency miner using coin-hive.

Recommendations Remove the comander package from your environment and verify whether your system is running the cryptocurrency miner.