Threat actors have compromised the NPM Package supply chain.

Researchers have found that the popular scraping tool has had its supply chain compromised with malicous code. The NPM Package had its supply chain infected with code that installs a remote access trojan on users systems. The code was not found in the package’s GitHub repository.

Read more:

https://www.securityweek.com/popular-scraping-tools-npm-package-compromised-in-supply-chain-attack/