A few npm advisories mention packages that were uploading SSH keys and bashrc files.
- https://www.npmjs.com/advisories/541 (package==coffeescript)
- https://www.npmjs.com/advisories/765 (package==portionfatty12)
There's also been packages that would upload the environment variables (increases impact significantly if this reaches production):
- https://blog.npmjs.org/post/163723642530/crossenv-malware-on... (package==crossenv)
- https://www.npmjs.com/advisories/486 (package==sqlserver)
A few npm advisories mention packages that were uploading SSH keys and bashrc files.
- https://www.npmjs.com/advisories/541 (package==coffeescript)
- https://www.npmjs.com/advisories/765 (package==portionfatty12)
There's also been packages that would upload the environment variables (increases impact significantly if this reaches production):
- https://blog.npmjs.org/post/163723642530/crossenv-malware-on... (package==crossenv)
- https://www.npmjs.com/advisories/486 (package==sqlserver)