Novel malicious NPM packages developed by "malikrukd4732" have been discovered by Phylum, all of which could enable sensitive data exfiltration through a JavaScript file, The Hacker News reports.
Article Link: Sensitive developer data targeted by new malicious NPM packages | SC Media