The campaign spans npm, Packagist, Go, and Chrome, using obfuscated JavaScript loaders and VS Code tasks to deliver malware.
Tom Bowen is a senior editor who loves adventure games and RPGs. He's been playing video games for several decades now and writing about them professionally since 2020. Although he dabbles in news and ...