Dear all, This week's release of Unity Hub 3.1.0 included an update to a compromised version of the node-ipc library, an open source package that is used by the Hub. This resulted in the generation of an empty .txt file on the desktop of users who upgraded to Hub 3.1.0. Our initial investigation did not reveal any further additions of unwanted code or other unexpected behavior. While there do appear to be recent changes to the node-ipc library that include malicious code, those were not included in our Hub 3.1.0 update. Although we have eliminated the root cause that led to this incident, we are committed to improving our internal QA processes to prevent future problems in Unity Hub. A hotfix was released four hours after the incident was discovered with Hub 3.1.1 and we plan to update you on the status of our audit as soon as possible. The security and any perceived vulnerabilities in Unity software remain our top concern.