As many as 60 malicious npm packages have been found within the package deal registry with malicious performance to reap hostnames, IP addresses, DNS servers, and consumer directories to a Discord-controlled endpoint.
The packages, printed below three completely different accounts, include an set up‑time script that is triggered throughout npm set up, Socket safety researcher Kirill Boychenko stated in a
Over 70 Malicious npm and VS Code Packages Discovered Stealing Knowledge and Crypto
