Over the Thanksgiving weekend, Sonatype discovered new malware within the npm registry. This time, the typosquatting packages identified by us are laced with a popular Remote Access Trojan (RAT).
Article Link: https://blog.sonatype.com/bladabindi-njrat-rat-in-jdb.js-npm-malware