Name of the Vulnerable Software and Affected Versions ali-contributor versions (affected versions not specified)

Description The issue concerns malicious code in the ali-contributor package, which uploads system information to a remote server, downloads a file, and executes it. This indicates a severe compromise of system security.

Recommendations Remove the ali-contributor package, however, be aware that this may not remove all malicious software resulting from its installation. Consider any computer with this package installed or running as fully compromised and rotate all secrets and keys stored on it immediately from a different computer.