Cybersecurity researchers from SafeDep and Veracode detailed a number of malware-laced npm packages that are designed to execute remote code and download additional payloads.
The packages in question are listed below -

eslint-config-airbnb-compat (676 Downloads)
ts-runtime-compat-check (1,588 Downloads)
solders (983 Downloads)
@mediawave/lib (386 Downloads)

All the identified npm



Source: TheHackerNews
Source Link: https://thehackernews.com/2025/06/malicious-pypi-package-masquerades-as.html