Cybersecurity researchers have discovered new malicious packages on the npm package registry that are designed to exfiltrate sensitive developer information. The npm registry is a public database of JavaScript packages that developers use to contribute packages to the community or download packages for their own projects. The default npm public registry is found at https://registry.npmjs.org. npm is configured to use this registry by default, but it can be configured to use any compatible regi
