Sonatype
Sonatype Blog

NPM Hijackers at it Again: Popular ‘coa’ and ‘rc’ Open Source Libraries Taken Over to Spread Malware

Malicious actors have hijacked the ‘coa’ and ‘rc’ npm packages; both having not seen new releases in 3 years. Read Sonatype’s blog to learn how hackers choose their targets and how to best protect your data.

Related Resources:


Securing Software Supply Chains in Air Gapped Environments
Securing Software Supply Chains in Air Gapped Environments
Mythos-Ready: Building a Security Program for the AI Vulnerability Storm
Mythos-Ready: Building a Security Program for the AI Vulnerability Storm
Sonatype
Mythos and the AI Vulnerability Storm: The Software Supply Chain is the Control Point
Download the Resource


Related Resources:


Securing Software Supply Chains in Air Gapped Environments
Securing Software Supply Chains in Air Gapped Environments
Mythos-Ready: Building a Security Program for the AI Vulnerability Storm
Mythos-Ready: Building a Security Program for the AI Vulnerability Storm
Mythos and the AI Vulnerability Storm: The Software Supply Chain is the Control Point