Multiple NodeJS packages laden with malicious code have been spotted on npm registry. These “typosquatting” packages served no purpose other than collecting data from the user’s device and broadcasting it on public GitHub pages.
https://securityreport.com/nodejs-malware-caught-exfiltrating-ips-username-and-device-information-on-github/
https://securityreport.com/nodejs-malware-caught-exfiltrating-ips-username-and-device-information-on-github/