Snyk has a published code exploit for this vulnerability.
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applicationsAvoid using all malicious instances of the fallguys
package.
fallguys is a malicious package. It contains malicious code that attempts to read local sensitive files and exfiltrate information through a Discord webhook. The code attempted to access the following paths available on Windows systems:
/AppData/Local/Google/Chrome/User Data/Default/Local Storage/leveldb
/AppData/Roaming/Opera Software/Opera Stable/Local Storage/leveldb
/AppData/Local/Yandex/YandexBrowser/User Data/Default/Local Storage/leveldb
/AppData/Local/BraveSoftware/Brave-Browser/User Data/Default/Local Storage/leveldb
/AppData/Roaming/discord/Local Storage/leveldb