Forty-five malicious NPM and PyPI packages have been deployed by threat actors to facilitate extensive data theft operations as part of a campaign that commenced on Sept. 12, according to BleepingComputer.
Article Link: Malicious PyPI, NPM packages facilitate data exfiltration | SC Media