Embedded Malicious Code
Overview @ctrl/torrent-file is a package to parse a torrent file and read encoded data. Affected versions of this package are vulnerable to Embedded Malicious Code. Compromised versions of this package contain a file called bundle.js that exfiltrates secrets from the user's accounts, including...