There was a report regarding to a security issue in one of the plugin in Node.js. Event-Stream 3.3.6 which contained a new dependency --for the Flatmap-Stream library version 0.1.1. The Flatmap-Stream library v0.1.1 is where the malicious code resides.How to prevent it?
node_modules folder and
yarn.lock file in your project directory. So the next installation is not based on the
yarn.lock version, but will be upgraded
Re-install everything again using
npm install command.
Read more on this blog