Name of the Vulnerable Software and Affected Versions: coa versions 2.0.3 and above

Description: The npm package coa had versions published with malicious code, potentially fully compromising any computer with the package installed. Users should check their systems for suspicious activity. All secrets and keys stored on the affected computer should be rotated immediately from a different computer.

Recommendations: For versions 2.0.3 and above, downgrade to version 2.0.2 as soon as possible. Remove the coa package, but be aware that this may not remove all malicious software resulting from its installation. Consider the computer fully compromised and take appropriate measures to secure it.