Severity: Critical
CVSS Score: 9.8
All versions of `commmander` contain malicious code . The package is malware designed to take advantage of users making a mistake when typing the name of a module to install. Upon require the package attempts to start a cryptocurrency miner using coin-hive. ## Recommendation Remove the package from your environment and verify whether your system is running the cryptocurrency miner.