Name of the Vulnerable Software and Affected Versions epress version 4.13.2

Description The issue concerns malicious code in the epress package, which is designed to exploit users who make typographical errors when installing modules. Upon installation, the package attempts to initiate a cryptocurrency miner using coin-hive.

Recommendations Remove the epress package version 4.13.2 from your environment and verify whether your system is running the cryptocurrency miner.