Compromised JavaScript Package Caught Stealing npm Credentials

A hacker has gained access to a developer’s npm account and injected malicious code into a popular JavaScript library, code that was designed to steal the npm credentials of users who utilize the poisoned package inside their projects. […]

This post appeared first on Bleeping Computer
Author: Catalin Cimpanu