Researchers at FortiGuard Labs uncovered nine sets of malicious NPM packages designed to steal sensitive data, including system information, user credentials, and source code. These malicious packages use install scripts to exfiltrate data to webhooks or file-sharing links. These npm packages highlight a significant and often overlooked threat within the open-source ecosystem.