Name of the Vulnerable Software and Affected Versions alico versions (affected versions not specified)

Description The issue concerns malicious code within the software that uploads system information to a remote server, downloads a file, and executes it. Any computer with this package installed or running should be considered fully compromised.

Recommendations Remove the package, however, be aware that this may not remove all malicious software resulting from its installation. Rotate all secrets and keys stored on the compromised computer immediately from a different computer.