As many as 60 malicious npm packages have been discovered in the package registry with malicious functionality to harvest hostnames, IP addresses, DNS servers, and user directories to a Discord-controlled endpoint.
The packages, published under three different accounts, come with an install‑time script that's triggered during npm install, Socket security researcher Kirill Boychenko said in a



Source: TheHackerNews
Source Link: https://thehackernews.com/2025/05/over-70-malicious-npm-and-vs-code.html