New npm attack poisons local packages with backdoors
Two malicious packages were discovered on npm (Node package manager) that covertly patch legitimate, locally installed ...