NPM users warned dozens of malicious packages aim to steal host

Socket found 60 malicious NPM packages. Malware spoofed legitimate packages and was capable of exfiltrating sensitive data. Those who have downloaded any of these are advised to remove them immediately.