Cybersecurity researchers have spotted a sneaky new trick used by hackers to compromise developers’ computers. This latest threat, which first appeared at the beginning of February 2026, involves malicious code hidden inside npm packages, which programmers use to create apps. According to researchers at ReversingLabs, this specific attack, dubbed the Ghost campaign, tricks users into thinking they are installing a helpful tool. The software is busy stealing private data in the background.[1]
