Malicious npm Utility Packages Enable Attackers to Wipe Production Systems

Socket’s Threat Research Team has uncovered two malicious npm packages, express-api-sync and system-health-sync-api, designed to masquerade as legitimate utilities while embedding destructive backdoors capable…