Versions (0.7.29, 0.8.0, and 1.0.0 ) of a popular NPM package named ua-parser-js was found to contain malicious code. Please update to the patched versions (0.7.30, 0.8.1, 1.0.1).
More in our alert: https://t.co/BZlGSweb2d
GitHub advisory: https://t.co/UmFhFpKNt8
— US-CERT (@USCERT_gov) October 23, 2021