JFrog says six malicious npm packages used hidden install-time execution, JSONKeeper fetches, and sandbox checks to enable remote access.
Sanuj is a freelance tech journalist with over six years of experience covering smartphones, wearables, and consumer technology. He currently writes for Android Police, Tom's Guide, Android Central, ...