Here's all the information I've found. 💻☠️🏴 What happened? People found malicious packages in npm that work like real ones, are named similarly real ones, but collect and send your process environment to a third-party server when you install them: @kentcdodds Hi Kent, it looks like this npm package is stealing env variables on install,...
Learn more about Hashnode Headless CMS
Collaborate seamlessly with Hashnode Headless CMS for Enterprise.