
image credit: unsplash
Coa, a popular library found on npm, a manager for the JavaScript programming language, has been hijacked and used to spread malicious code, reports have claimed.
According to Bleeping Computer, the attack on coa – short for Command-Option-Argument, impacted countless React pipelines around the world. React is a JavaScript library for building user interfaces. Coa gets around 9 million downloads a week on npm, and is used by some 5 million open-source GitHub repositories.