GitHub Security Adviser sees Unity packages as malware

I just got a message that the unity ui package has a vulnerability making my whole system open to everyone.
Does anyone have more info?

Here is the issue I received:

Same for audio, animation, physics, more

So basically Github is acting like every antivirus scanner that is highly suspicious of everything that it does not know well. Unless Unitys NPM account has been compromised witch i doubt this is probably a wrong alarm.

1 Like