Malicious npm package opens backdoors on programmers' computers

JavaScript library posing as a Twilio-related library opens backdoors to let attackers access infected workstations.