JavaScript

Nov 10, 2021 · Information Security

Critical npm Package Hijack: How coa and rc Were Compromised and What to Do

A recent security breach compromised the popular npm packages coa and rc, injecting ransomware‑capable code that can steal browser passwords, record keystrokes and screenshots, prompting developers to lock specific versions and enable two‑factor authentication to protect their projects.