If you're using this hijacked NPM library anywhere in your software stack, read this
US govt issues alert over JS package downloaded 8m times a week – plus more news from world of infosec In brief The US government's Cybersecurity and Infrastructure Security Agency (CISA) has warned developers that a version of the ua-parser-js JavaScript library, available via NPM, was infected with data-stealing and cryptocurrency-mining malware.... [...]