North Korean state-linked hackers buried a full remote-access toolkit inside six fake npm packages disguised as widely-used ...
JFrog says six malicious npm packages used hidden install-time execution, JSONKeeper fetches, and sandbox checks to enable remote access.