HomeNewsNPM library hacked; hackers stole user passwords

NPM library hacked; hackers stole user passwords

-

Last Updated on 22/11/2021 by Anamika

Reportedly, the highly popular npm library ‘coa’ was hijacked a few days back by injecting malicious code into it, hence, impacting React pipelines around the world.

There is a very popular library called Command-Option-Argument, which receives more than 9 million weekly downloads on npm, and is almost used by 5 million people on Github, according to the reports of bleeping computer.

The authorities were able to find out this glitch but as they were setting it out, another glitch was discovered with the component called ‘rc’. The ‘rc’ component also got hijacked soon after the ‘coa’ component. The ‘rc’ component gets almost 14 million downloads a week on average, tells bleeping computer.

According to sources, there were also some malicious codes injected to the ‘coa’ releases. A shock came for the developers globally when they notice few releases for npm’s ‘coa’ library which is a project that hasn’t been touched for years.

‘coa’ is a command-line options parser for Node.js projects. The last stable version 2.0.2 for the project was released in December 2018.

Reportedly, npm has removed the compromised components which were causing harm to the database. The components are blocked from getting published temporarily while the affected data is on the recovery stage.

Anamika
Anamika
Anamika focuses on data privacy, data policy, digital policies, and puts users' privacy first. She loves exploring new tech and spends time looking around business politics and its impact on users and small businesses.
- Advertisment -

Must Read

edge-ai

Challenges and Opportunities in Deploying AI Solutions in Edge Computing Environments

0
Edge AI is a ground-breaking new paradigm that has the potential to completely change how companies run. Organizations can seize new chances for creativity,...