Severity: Critical
CVSS Score: 9.8
Version 4.13.2 of `epress` contains malicious code . The package is malware designed to take advantage of users making a mistake when typing the name of a module to install. Upon require the package attempts to start a cryptocurrency miner using coin-hive. ## Recommendation Remove the package from your environment and verify whether your system is running the cryptocurrency miner.