Three npm packages found opening shells on Linux, Windows systems

NPM staff: Any computer that has this package installed or running should be considered fully compromised.

You can read the full article here.