Name of the Vulnerable Software and Affected Versions electron-native-notify versions (affected versions not specified)

Description The issue concerns malicious code in the electron-native-notify package, which was used in a targeted attack to steal cryptocurrency wallet seeds. This allowed attackers to upload the seeds to a remote server, giving them access to users' wallets.

Recommendations Remove the electron-native-notify package from your environment.