"Malicious NPM Packages Used to Install njRAT Remote Access Trojan"

The open-source security firm Sonatype found malicious NPM packages that install the njRAT remote access trojan. NPM, short for Node Package Manager, is a packet manager for the JavaScript programming language. Using njRAT, a threat actor can get full remote access to a victim's computer to perform malicious activities such as modifying the Windows Registry, deleting files, logging keystrokes, stealing passwords, killing processes, taking screenshots, executing commands, and more. This article continues to discuss the installation of the njRAT remote access trojan via NPM packages, the malicious activities that threat actors can perform using njRAT, and other findings surrounding the use of NPM packages to install malware.  

BleepingComputer reports "Malicious NPM Packages Used to Install njRAT Remote Access Trojan"