Fake npm website used in phishing attack to steal maintainer token, leading to malware in popular JavaScript packages like eslint-config-prettier.

Waqas

Source: HackRead
Source Link: https://hackread.com/fake-npm-website-used-push-malware-via-stolen-token/