Three JavaScript libraries uploaded to the official NPM package repository have been unmasked as crypto-mining malware, once again demonstrating how open-source software package repositories are becoming a lucrative target for executing an array of attacks on Windows, macOS, and Linux systems.
The malicious packages in question — named okhsa, klow, and klown — were published by the same
Source: thehackernews.com