LottieFiles hit in npm supply chain attack targeting users' crypto
LottieFiles announced that specific versions of its npm package carry malicious code that prompts users to connect their cryptocurrency wallets so they can be emptied.
31 Oct 09:02 · BleepingComputer