Popular npm library 'coa' was hijacked today with malicious code injected into it, ephemerally impacting React pipelines around the world. The 'coa' library, short for Command-Option-Argument, receives about 9 million weekly downloads on npm, and is used by almost 5 million open source repositories on GitHub.
A large company doing that with their servers is probably a lot more likely to get sued.
heh, afer searching a little bit about it, turns out it is actually a realtively big sector 🤷♀️