Malware Discovered in Popular NPM Package, ua-parser-js

Original release date: October 22, 2021Versions of a popular NPM package named ua-parser-js was found to contain malicious code. ua-parser-js is used in apps and websites to discover the type of device or browser a person is using from User-Agent data. A computer or device with the affected software installed or running could allow a remote attacker to obtain sensitive information or take control of the system.  CISA urges users and administers using compromised ua-parser-js versions 0.7.29, 0.8.0, and 1.0.0...