[Link] Supply Chain Attack: NPM Library Used By Facebook And Others Was Compromised

Read: 25/10/2021 hackaday.com

Here at Hackaday we love the good kinds of hacks, but now and then we need to bring up a less good kind. Today it was learned that the NPM package ua-parser-js was compromised, and any software using it as a library may have become victim of a supply chain attack.

attacks on infrastructure code cyber crime cyber hacks dependency attack hackaday hackers javascript nodejs npm package managers programming software software dependencies software development software libraries upstream attack