Name of the Vulnerable Software and Affected Versions soket.io versions (affected versions not specified)

Description The soket.io package is malicious, designed to exploit typographical errors when installing modules. Upon execution, it contacts a Command and Control server to execute arbitrary commands.

Recommendations Revoke and rotate all credentials found on the compromised machine. Completely erase the affected machine and reinstall the Operating System.