A sophisticated supply chain attack targeting the popular npm package ‘rand-user-agent’ was discovered on May 5, 2025. The compromise affects a legitimate JavaScript library used to generate randomized user-agent strings for web scraping operations, inserting malicious code that establishes remote access capabilities on infected systems. Security researchers detected suspicious code in version 1.0.110 of the […]
The post New Supply Chain Attack Targets Legitimate npm Package with 45,000 Weekly Downloads appeared first on Cyber Security News.
This article has been indexed from Cyber Security News