Security News New npm attack poisons local packages with backdoors BleepingComputer Daniel Bender 26 Mar 2025 Two malicious packages were discovered on npm (Node package manager) that covertly patch legitimate, locally installed packages to inject a persistent reverse shell backdoor.
