Embedded Malicious Code

Overview json-rules-engine-simplified is a simple rules engine expressed in JSON Affected versions of this package are vulnerable to Embedded Malicious Code. Compromised versions of this package contain a file called bundle.js that exfiltrates secrets from the user's accounts, including credentia...