GMS-2020-52: Malicious Package

September 11, 2020 (updated September 30, 2021)

of angluar-cli contains malicious code as a postinstall script. The package is malware designed to take advantage of users making a mistake when typing the name of a module to install. When installed the package attempts to remove files and stop processes related to McAfee antivirus on macOS. Remove the package from your environment and verify whether files were deleted and if processes were stopped.

References

github.com/advisories/GHSA-8mm3-2mcj-cx6r
www.npmjs.com/advisories/918

Code Behaviors & Features

Detect and mitigate GMS-2020-52 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →