image credit: Vecteezy

Hackers inject malicious code into another popular npm library

November 5, 2021

Via: Techradar

Coa, a popular library found on npm, a manager for the JavaScript programming language, has been hijacked and used to spread malicious code, reports have claimed.

According to Bleeping Computer, the attack on coa – short for Command-Option-Argument, impacted countless React pipelines around the world. React is a JavaScript library for building user interfaces. Coa gets around 9 million downloads a week on npm, and is used by some 5 million open-source GitHub repositories.

Read More on Techradar