Supply chain attack compromises LottieFiles npm package with crypto drainer

Such an intrusion has prompted automated delivery of the malicious lottie-player NPM package versions among users who obtained the library through third-party content delivery networks.

Article Link: Supply chain attack compromises LottieFiles npm package with crypto drainer | SC Media