Name of the Vulnerable Software and Affected Versions cicada-render versions (affected versions not specified)

Description The issue concerns malicious code in the cicada-render package, which uploads system information to a remote server, downloads a file, and executes it. Any computer with this package installed or running should be considered fully compromised.

Recommendations Remove the cicada-render package. Rotate all secrets and keys stored on the compromised computer immediately from a different computer. Consider the computer fully compromised and take appropriate measures to address potential malicious software installed as a result of the package.