Name of the Vulnerable Software and Affected Versions: sonatype package (affected versions not specified)

Description: The npm sonatype package has been identified as malicious. Any computer with this package installed should be considered fully compromised. Secrets and keys stored on the compromised computer should be rotated immediately from a different computer.

Recommendations: Remove the sonatype package, however, be aware that this may not remove all malicious software resulting from its installation. As a precaution, consider the computer fully compromised and take necessary steps to secure it, such as rotating all secrets and keys stored on it from a different computer.