Multiple npm cryptocurrency packages hijacked to steal sensitive information, including environment variables. Malicious scripts found in recent versions of longstanding packages have exfiltrated user data. The hijack is suspected to involve compromised maintainer accounts. Organizations urged to enhance supply chain security to prevent malware in open-source dependencies.
https://www.sonatype.com/blog/multiple-crypto-packages-hijacked-turned-into-info-stealers