Unknown threat actors have been distributing trojanized versions of jQuery on npm, GitHub, and jsDelivr, marking a “ complex and persistent” supply chain attack. Phylum’ s recent analysis reveals that the attackers cleverly embedded malware within the seldom-used ‘ end’ function of jQuery, which is internally called by the popular ‘ fadeTo’ …
Trojanized jQuery Packages Discovered in npm, GitHub, and jsDelivr Code Repositories
Full Disclosure: This webpage may contain affiliate links, in which the website owner would receive a commission for purchases made. This does not affect your purchase cost.