Anonymous 🐈️🐾☕🍵🏴🇵🇸 :af:<p>An npm package named 'rand-user-agent' has been compromised in a supply chain attack to inject obfuscated code that activates a remote access trojan (RAT) on the user's system. <a href="https://kolektiva.social/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CyberSecurity</span></a> <a href="https://kolektiva.social/tags/SupplychainsAttacks" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SupplychainsAttacks</span></a> <a href="https://www.bleepingcomputer.com/news/security/supply-chain-attack-hits-npm-package-with-45-000-weekly-downloads/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">bleepingcomputer.com/news/secu</span><span class="invisible">rity/supply-chain-attack-hits-npm-package-with-45-000-weekly-downloads/</span></a></p>