LottieFiles has revealed that its npm package “lottie-player” was compromised as part of a supply chain attack, prompting it to release an updated version of the library.
Source: The Hacker News
LottieFiles Issues Warning About Compromised “lottie-player” npm Package
- Scumbag puts ‘stolen’ Nokia source code, SSH and RSA keys, more up for sale
- Canada arrests suspected hacker over breach of 160+ Snowflake users’ data
- Cyberthreats linked to foreign actors aim to hinder Election Day proceedings
- DocuSign’s API used to lure victims into e-signing fake invoices
- Schneider Electric ransomware crew demands $125k paid in baguettes