Compromised variants of the "rand-user-agent" package have surfaced on npm, which had a remote access Trojan on board. Although the random user agent is marked as obsolete, it is still downloaded ...