Kotlin

Recently we published a blog post about a potential security issue caused by ua-parser-js, a dependent package that is used in the popular testing framework Karma, which in turn is the default choice for Kotlin/JS and Kotlin Multiplatform applications targeting JS. In the post, we recommended tha…

On the 22nd of October at 5:06 pm CEST a message was posted on the #javascript channel of the Kotlin Slack about a potential security issue, at which time we began our investigations. On the 23rd of October, it was reported that malware was found in a very popular npm package named ua-parser-js. The…