An npm package named ‘rand-user-agent’ has been compromised in a supply chain attack to inject obfuscated code that activates a remote access trojan (RAT) on the user’s system. […]
Go to Source
Author: Bill Toulas
Security
Supply chain attack hits npm package with 45,000 weekly downloads
