Popular npm Package rand-user-agent Compromised with Malware

The popular npm package rand-user-agent, downloaded more than 45,000 times per week, has been compromised by the insertion of obfuscated code. This malware activates a Remote Access Trojan (RAT) in the user's system. This supply chain attack endangers the users of the package.