LottieFiles hit in npm supply chain attack targeting users’ crypto

October 31, 2024 at 05:05AM LottieFiles reported malicious code in npm package versions 2.0.5, 2.0.6, and 2.0.7, prompting users to connect cryptocurrency wallets. They released version 2.0.8 to remedy the issue, advising users to upgrade. The malicious activity affected no other services or repositories, while investigations continue into the breach’s impact. ### Meeting Takeaways: 1. … Read more