CISA warns of malware discovered in npm package UAParser.js, which has 6M-7M downloads weekly, that installs a password stealer and a crypto miner on systems (Catalin Cimpanu/The Record)

Catalin Cimpanu / The Record:
CISA warns of malware discovered in npm package UAParser.js, which has 6M-7M downloads weekly, that installs a password stealer and a crypto miner on systems  —  A massively popular JavaScript library (npm package) was hacked today and modified with malicious code that downloaded and installed …

from Techmeme https://ift.tt/3nguePO