Two malicious packages were discovered on npm (Node package manager) that covertly patch legitimate, locally installed packages to inject a persistent reverse shell backdoor.
First seen on bleepingcomputer.com
Jump to article: www.bleepingcomputer.com/news/security/new-npm-attack-poisons-local-packages-with-backdoors/
