Popular NPM packages with over a million downloads hit by malware

17 NPM packages with more than a million weekly downloads were compromised to deliver a RAT. The attack could turn into a major supply chain attack, experts warned. The packages were since deprecated, but users should be on their guard.