Online JavaScript Library’s Popularity utilized in stealing Cryptocurrency
A widely used Node.js code library listed in NPM’s warehouse of repository has been infected to include crypto-coin-stealing malware. npm is the most widely used package manager for Javascript programming language. It is the default package manager for an open source, cross platform JavaScript run-time environment Node.js. The library in question, Event-Stream, is a popular Javascript library that scores over two million downloads every week by application programmers. The projects that use event-stream in some way should undergo a thorough check to ensure that you didn’t install and fetch the dodgy version during testing or deployment. This vandalism is a stark reminder of dangers associated with reliable and complex webs of dependencies in software. Without proper precautions taken throughout the whole chain, an app’s security can be broken by modifying any component. The Event-Stream npm package was originally created & maintained by Dominic Tarr, a New-Zeland base...