Name of the Vulnerable Software and Affected Versions jquerz version 1.0.1

Description The issue concerns malicious code in the jquerz package, designed to exploit typographical errors when installing modules. Upon installation, it downloads and executes a file from a remote server, creating a backdoor. This results in full compromise of the computer, requiring immediate action to secure secrets and keys.

Recommendations For version 1.0.1, remove the package immediately, however, be aware that this may not eliminate all malicious software installed as a result. Rotate all secrets and keys stored on the compromised computer from a different, secure computer to prevent further unauthorized access.