Malicious npm Packages Found Exfiltrating Sensitive Data from Developers
Cybersecurity researchers have discovered a new bunch of malicious packages on the npm package registry that are designed to exfiltrate sensitive developer information.
Software supply chain firm Phylum, which first identified the “test” packages on Ju…