PT-2021-24446 · Npm · Ua-Parser-Js

Published: 2021-10-22 · Updated: 2021-10-22

CVSS v3.1: 8.8 (High)

Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: ua-parser-js versions 0.7.29, 0.8.0, 1.0.0
Description: The npm package ua-parser-js had malicious code published in certain versions. Any computer with this package installed should be considered fully compromised, and all secrets and keys stored on it should be rotated immediately from a different computer.
Recommendations: For versions 0.7.29, 0.8.0, 1.0.0, upgrade to a newer version as soon as possible and check systems for suspicious activity. Remove the ua-parser-js package, but be aware that this may not remove all malicious software resulting from its installation. Rotate all secrets and keys stored on the compromised computer from a different computer.
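
A lockfile check for the three affected versions, as an added example (not part of the advisory or of the ua-parser-js project). The names `findAffected`, `SAMPLE_V1` and `SAMPLE_V3` and both sample lockfiles are constructed for illustration; a clean result only shows that the lockfile does not pin an affected version now, not that the host never installed one.

```javascript
// Versions this advisory lists as affected.
const PACKAGE = 'ua-parser-js';
const AFFECTED = new Set(['0.7.29', '0.8.0', '1.0.0']);

// Returns [{ path, version }] for every affected copy recorded in a parsed
// package-lock.json, including transitive and nested copies.
function findAffected(lock) {
  const hits = [];
  const check = (name, version, path) => {
    if (name === PACKAGE && AFFECTED.has(version)) hits.push({ path, version });
  };
  if (lock.packages) {
    // lockfileVersion 2 and 3: flat map keyed by install path. "name" is
    // only present when the folder name differs from the package (alias).
    for (const [path, meta] of Object.entries(lock.packages)) {
      check(meta.name || path.split('node_modules/').pop(), meta.version, path);
    }
    return hits;
  }
  // lockfileVersion 1: "dependencies" objects nest recursively.
  const walk = (deps, trail) => {
    for (const [name, meta] of Object.entries(deps || {})) {
      check(name, meta.version, [...trail, name].join(' > '));
      walk(meta.dependencies, [...trail, name]);
    }
  };
  walk(lock.dependencies, []);
  return hits;
}

// Constructed sample lockfiles (not from the advisory).
const SAMPLE_V3 = {
  lockfileVersion: 3,
  packages: {
    '': { name: 'demo-app', version: '1.0.0' }, // same number, other package
    'node_modules/ua-parser-js': { version: '0.7.28' }, // not in the list
    'node_modules/some-lib/node_modules/ua-parser-js': { version: '0.7.29' },
    'node_modules/ua-alias': { name: 'ua-parser-js', version: '1.0.0' },
  },
};
const SAMPLE_V1 = {
  lockfileVersion: 1,
  dependencies: {
    'some-lib': { version: '2.1.0', dependencies: { 'ua-parser-js': { version: '0.8.0' } } },
  },
};

console.log(findAffected(SAMPLE_V3), findAffected(SAMPLE_V1));
```

To scan a real project, pass `findAffected` the result of `JSON.parse` on the project's `package-lock.json`.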

Fix

Hidden Functionality


Weakness Enumeration

Related Identifiers

GHSA-PJWM-RVH2-C87W

Affected Products

Ua-Parser-Js