Security News > 2020 > December > Malicious NPM packages used to install njRAT remote access trojan
New malicious NPM packages have been discovered that install the njRAT remote access trojan that allows hackers to gain control over a computer.
NPM is a JavaScript package manager that allows developers and users to download packages and integrate them into their projects.
Today, open-source security firm Sonatype discovered malicious NPM packages masquerading as a legitimate tool to make databases out of JSON files.
Over the past year, it has become increasingly common to find NPM packages that install malware or perform malicious behavior.
Recently, NPM removed malicious packages called 'fallguy' and 'discord.