Cybersecurity researchers at Socket identified 60 malicious NPM packages that steal sensitive user data and relay it to attackers via post-install scripts.
The malicious packages did not deliver additional malware, escalate privileges, or establish persistence.
The attack relied on typosquatting, using package names that resemble legitimate ones, and targeted CI/CD pipelines; the packages were removed after roughly 3,000 downloads.
Users are advised to remove any downloaded malicious packages, run system scans, rotate key credentials, and enable 2FA. A separate campaign distributing eight packages capable of causing serious harm was also discovered on NPM.
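As an added example (not Socket's code and not the campaign's), the Node.js snippet below audits package manifests for the two traits this campaign combined: install-phase lifecycle scripts and lookalike (typosquatted) package names. The allowlist of expected dependency names and the sample manifests are constructed placeholders.

```javascript
// Added example (not from Socket): flag the two traits the campaign relied on,
// install-phase lifecycle scripts and typosquatted (lookalike) package names.
// npm runs these hooks automatically during install; `npm ci --ignore-scripts`
// or ignore-scripts=true in .npmrc keeps them from running at all.
const INSTALL_HOOKS = ['preinstall', 'install', 'postinstall', 'prepare'];

// Levenshtein edit distance, used to detect names one or two typos away from a real one.
function editDistance(a, b) {
  const d = Array.from({ length: a.length + 1 }, (_, i) => [i]);
  for (let j = 1; j <= b.length; j++) d[0][j] = j;
  for (let i = 1; i <= a.length; i++) {
    for (let j = 1; j <= b.length; j++) {
      const cost = a[i - 1] === b[j - 1] ? 0 : 1;
      d[i][j] = Math.min(d[i - 1][j] + 1, d[i][j - 1] + 1, d[i - 1][j - 1] + cost);
    }
  }
  return d[a.length][b.length];
}

// pkg: a parsed package.json; expected: the dependency names the project intends
// to install (a hypothetical allowlist, e.g. derived from the lockfile or a review).
function auditManifest(pkg, expected) {
  const findings = [];
  const scripts = pkg.scripts || {};
  for (const hook of INSTALL_HOOKS) {
    if (scripts[hook]) findings.push({ type: 'install-script', hook, command: scripts[hook] });
  }
  if (!expected.includes(pkg.name)) {
    const near = expected.filter((n) => editDistance(n, pkg.name) <= 2);
    if (near.length > 0) findings.push({ type: 'lookalike-name', similarTo: near });
  }
  return findings;
}

function auditAll(manifests, expected) {
  return manifests.map((m) => ({ name: m.name, findings: auditManifest(m, expected) }));
}

// Constructed sample manifests (placeholders, not the packages Socket reported):
// one benign dependency and one lookalike carrying a postinstall hook.
const SAMPLE_MANIFESTS = [
  { name: 'lodash', version: '4.17.21', scripts: { test: 'mocha' } },
  { name: 'lodahs', version: '1.0.0', scripts: { postinstall: 'node setup.js' } },
];
const EXPECTED_DEPS = ['lodash', 'express'];

console.log(JSON.stringify(auditAll(SAMPLE_MANIFESTS, EXPECTED_DEPS), null, 2));
```

In a real check the manifests would come from reading each node_modules/<name>/package.json after a dry-run or `--ignore-scripts` install, so hooks are inspected before they ever execute.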