The package `bugsnagmw` (npm) version 1.0.3 contains malicious code. The code was obfuscated to avoid detection. The malicious code is designed to steal sensitive information from the user's environment and send it to a remote server. See https://stacklok.com/blog/analysis-of-an-obfuscated-code-attack-on-npms-package-registry for more details.
Learn more