Over the weekend, the is-promised library was updated to receive support to work as an ES module -- the standardized module system used by the JavaScript language.

A hacker has gained access to a developer's npm account and injected malicious code into a popular JavaScript library, code that was designed to steal the npm credentials of users who utilize the ...