"Just last week we saw the popular npm package `ua-parser-js` get hijacked." "Well, it happened again. This time the `coa` and `rc` packages were hijacked, via an npm account takeover. The hijacked versions of these packages are tracked under sonatype-2021-1696."
NPM Hijackers at it Again: Popular ‘coa’ and ‘rc’ Open Source Libraries Taken Over to Spread Malware
[B!] 2021-11-09 08:53:52
|