Name of the Vulnerable Software and Affected Versions browserift version 16.3.3

Description The issue concerns malicious code in the preinstall script of the affected software, which acts as a backdoor. This backdoor opens a connection to a remote server and executes incoming commands on both Unix and Windows machines.

Recommendations For version 16.3.3, remove the package. However, due to the potential for full system compromise, removing the package may not eliminate all malicious software. It is recommended to consider any computer with this package installed as fully compromised and to rotate all secrets and keys stored on that computer immediately from a different computer.