Malicious code in old-mpl-token-metadata (npm)
This package runs commands in a pre-install script that exfils sensitive data to a attacker-controlled domain. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6603cd004d4fbdaf7a066de7f7057ad66c4108e0bd8d961201d12f326fc1d7bf Any computer that has this package install...