I am sure everyone has heard of this huge issue within the industry. But, I was surprised that the demo program was five lines of JS code. Surprised it can be done in JS in the first place and, second, the malicious code is so short.
To affect your code, someone would have to find a way to inject it. Modern browsers have pretty good protection against that. (Remember Same Origin Policy? Same-origin policy - Wikipedia)