Node JSfromArs Technica2 days agoDestructive malware available in NPM repo went unnoticed for 2 yearsOpen source repositories are vulnerable to malicious software, evidenced by a recent discovery of malware hidden in NPM packages.