Name of the Vulnerable Software and Affected Versions logsymbles version 2.2.0

Description The issue concerns a malicious package designed to exploit typographical errors when installing modules. Upon installation, it downloads and executes a file from a remote server, establishing a backdoor. This results in the computer being fully compromised.

Recommendations For version 2.2.0, consider the computer fully compromised and take immediate action to rotate all secrets and keys from a different computer. Remove the package, but be aware that this may not eliminate all malicious software installed as a result.