Catalin Cimpanu / The Record:
CISA warns of malware discovered in npm package UAParser.js, which has 6M-7M downloads weekly, that installs a password stealer and a crypto miner — A massively popular JavaScript library (npm package) was hacked today and modified with malicious code that downloaded and installed …
from Techmeme https://ift.tt/3nguePO