Researchers found that 136 malicious NPM packages malicious have been Dow landed thousands of times.

Security researchers uncovered 136 malicious NPM packages that have been downloaded roughly 100,000 times over four months across two campaigns that began in July and August. Researchers warn the malware exfiltrated data via encoded HTTP GET/POST and WebSocket channels, and urged treating installs and builds as untrusted execution with isolation, signing, SBOMs, and runtime monitoring.

Read more:

https://www.securityweek.com/136-npm-packages-delivering-infostealers-downloaded-100000-times/