Saved you a click (bait)

An npm package named ‘rand-user-agent’ has been compromised in a supply chain attack to inject obfuscated code that activates a remote access trojan (RAT) on the user’s system.

The ‘rand-user-agent’ package is a tool that generates randomized user-agent strings, which is helpful in web scraping, automated testing, and security research.