[SECURITY] flatmap-stream lib coinminer backdoor


#1

I just got this warning from one of my production server.
I’m using adonis 4.1

I kinda worried about this,
because my antivirus immediately quarantined related files on @adonisjs/cli package.

searching on google, found this article:

I haven’t found any problem regarding all the functionalities on my Ace Commands application on my production site,
but i’m afraid that It’ll be a problem that will surface soon.

Hope this info can help virk on identifying the malicious package soon.
thank you


#2

Hey @eldinbiz!

This is already fixed, please upgrade your @adonisjs/cli package.
Also, if you are not using copay-dash you are safe.


#3

thanks @romain.lanz for the info. :slightly_smiling_face: