In the NPM package Node-IPC detected Malicious Change (cve-2022-23812 ), with a probability of 25% replacing the “️” contents of all files, to who have access to record. Malicious code is activated only when started on systems with IP-Dres from Russia or Belarus. The Node-IPC package includes about a million downloads per week and is used as a dependency in 354 packages, including VUE-CLI . All projects that have the dependences of Node-IPC are also subject to the problem.
Malicious code was placed in the NPM repository as part of the issues of Node-IPC 10.1.1, 10.1.2 and 10.1.3. In the Git-repository of the project, malicious change was posted on behalf of the author of the project 11 days ago. In the comments to the warning about the appearance of a dubious code, the author of the project said that the change is reduced to adding a file On the desktop, with a call to the world.