Security News > 2021 > November > Popular 'coa' NPM library hijacked to steal user passwords
Popular npm library 'coa' was hijacked today with malicious code injected into it, ephemerally impacting React pipelines around the world.
Today, developers around the world were left surprised to notice new releases for npm library 'coa'-a project that hasn't been touched for years, unexpectedly appear on npm.
Several suspicious versions 2.0.3, 2.0.4, 2.1.1, 2.1.3, and 3.1.3 began appearing on npm as of a few hours ago, breaking React packages that depend on 'coa'.
Several developers joined the discussion, confirming experiencing issues with their builds ever since the new 'coa' releases hit npm.
This incident follows last month's hack of another popular npm library "Ua-parser-js" that is used by Facebook, Microsoft, Amazon, Reddit, and other big tech firms.
The malware contained in hacked 'coa' versions, as analyzed by BleepingComputer, is virtually identical to the code found in the hijacked ua-parser-js versions, potentially establishing a link between the threat actors behind both incidents.