LottieFiles Issues Warning About Compromised « lottie-player » npm Package
,
LottieFiles has revealed that its npm package « lottie-player » was compromised as part of a supply chain attack, prompting it to release an updated version of the library.
« On October 30th ~6:20 PM UTC – LottieFiles were notified that our popular open source npm package for the web player @lottiefiles/lottie-player had unauthorized new versions pushed with malicious code, » the company said in a
« On October 30th ~6:20 PM UTC – LottieFiles were notified that our popular open source npm package for the web player @lottiefiles/lottie-player had unauthorized new versions pushed with malicious code, » the company said in a
,
LottieFiles has revealed that its npm package « lottie-player » was compromised as part of a supply chain attack, prompting it to release an updated version of the library.
« On October 30th ~6:20 PM UTC – LottieFiles were notified that our popular open source npm package for the web player @lottiefiles/lottie-player had unauthorized new versions pushed with malicious code, » the company said in a
« On October 30th ~6:20 PM UTC – LottieFiles were notified that our popular open source npm package for the web player @lottiefiles/lottie-player had unauthorized new versions pushed with malicious code, » the company said in a
, ,
https://thehackernews.com/2024/10/lottiefiles-issues-warning-about.html