Microsoft spots malicious npm package stealing data from UNIX systems

Malicious JavaScript package was only active on the npm repository for two weeks.

You can read the full article here.