Name of the Vulnerable Software and Affected Versions commqnder versions (affected versions not specified)

Description The issue concerns malicious code in the commqnder package, which is designed to exploit users who make typographical errors when installing modules. Upon installation, the package attempts to initiate a cryptocurrency miner using coin-hive.

Recommendations Remove the commqnder package from your environment and verify whether your system is running the cryptocurrency miner.