A trojanized version of jQuery has been spreading on the npm JavaScript package manager, GitHub and elsewhere, for use in a jQuery attack, security researchers have discovered. Phylum researchers said they have been monitoring the “persistent supply chain attacker” since May 26, initially on npm, “where we saw the compromised version published in dozens of packages over a month. After investigatin