Name of the Vulnerable Software and Affected Versions log-symboles version 2.1.0

Description The issue concerns a malicious package designed to exploit typographical errors when installing modules. Upon installation, it downloads and executes a file from a remote server, establishing a backdoor. This results in the computer being fully compromised.

Recommendations For version 2.1.0, remove the package immediately. However, due to potential full control being granted to an outside entity, removal may not eliminate all resulting malicious software. Additionally, consider all secrets and keys stored on the compromised computer as exposed and rotate them from a different, secure computer.