LottieFiles Issues Warning About Compromised “lottie-player” npm Package

October 31, 2024 at 10:39AM LottieFiles announced that its npm package “lottie-player” was compromised in a supply chain attack, leading to unauthorized, malicious versions that prompted users to connect cryptocurrency wallets. Users of versions 2.0.5, 2.0.6, and 2.0.7 should update to 2.0.8. The company is investigating with an external team. ### Meeting Takeaways – October … Read more