But the library was not touched, and it is a good news because millions of websites directly use jQuery script hosted by jQuery server, and the hack could have put billions of users at risk of malware attacks.
This message was available on http://blog.jquery.com/2017/10/26/hacked/; however, it was later removed.
According to the experts, the hackers may have used a leaked password from a data dump, or they might have used Zero-Day vulnerability in the server or the WordPress itself.
Three years ago jQuery website was hacked and its visitors were redirected to RIG exploit kit, but again, the files or the libraries were not modified.
jQuery is not the only high profile platforms whose security was compromised.
CoinHive team, acknowledging the hack, claimed the attacker used a password, which was leaked in Kickstarter breach back in 2014, to hijack their CloudFlare account.