Alerts
Events
DCR
Explore Cyware Products
Alerts
Events
DCR
Go to listing page
Supply chain attack hits npm package with 45,000 weekly downloads
Malware and Vulnerabilities
May 09, 2025
Bleeping Computer
A supply chain attack has compromised the npm package rand-user-agent, which averaged 45,000 weekly downloads. Although deprecated, the package remained popular, making it an attractive target for attackers.
Read More
Rand-User-Agent
NPM Package
Remote Access Trojan
Supply Chain Attack
Obfuscated Code
Publisher
Previous
Kickidler employee monitoring software abused in ransom ...
Threat Intel & Info Sharing
Next
VC giant Insight Partners confirms investor data stolen ...
Breaches and Incidents
/https://cyware-ent.s3.amazonaws.com/image_bank/b01e_shutterstock_1337127782.jpg)
/https://cyware-ent.s3.amazonaws.com/image_bank/e7bc_shutterstock_2055817979.jpg)
