Cybercriminals continue to use npm packages to drop malicious packages on unsuspecting victims, most recently to steal Discord login tokens, bank card data, and other user information from infected systems. Details of the latest npm campaign, dubbed “LofyLife”
Read full article on The Register