VLC, Kodi, Popcorn Time and Stremio vulnerable to malware fired from booby-trapped subtitles
https://www.theregister.co.uk/2017/05/2 ... es_return/
By crafting malicious subtitle files for films and TV programmes, which are then downloaded by viewers, attackers can hope to take complete control of any device running the vulnerable platforms. Hackers have pushed trojans under the guise of subtitle files as far back as 2003.