Npm package caught stealing sensitive Discord and browser files

Security researchers at Sonatype have discovered an npm package (JavaScript library) that contains malicious code designed to steal sensitive files from a user's browsers and Discord application.

Security researchers at Sonatype have discovered an npm package (JavaScript library) that contains malicious code designed to steal sensitive files from a user's browsers and Discord application.