Security News New npm attack poisons local packages with backdoors BleepingComputer Daniel Bender Mar 26, 2025 Two malicious packages were discovered on npm (Node package manager) that covertly patch legitimate, locally installed packages to inject a persistent reverse shell backdoor.
