Sonatype has caught newer typosquats of the popular 'colors' npm library that contain obfuscated malware. The malware in question comprises Discord info-stealers attempting to hijack the user's Discord tokens and session information.
Article Link: Malicious npm 'colors' typosquats pack Discord malware