"The 'coa' library, short for Command-Option-Argument, receives about 9 million weekly downloads on npm, and is used by almost 5 million open source repositories on GitHub."
"The 'coa' library, short for Command-Option-Argument, receives about 9 million weekly downloads on npm, and is used by almost 5 million open source repositories on GitHub."
"Just last week we saw the popular npm package `ua-parser-js` get hijacked." "Well, it happened again. This time the `coa` and `rc` packages were hijacked, via an npm account takeover. The hijacked versions of these packages are tracked under sonatype-2021-1696."