As numerous as 60 harmful npm packages have been identified in the package registry featuring harmful capabilities to gather hostnames, IP addresses, DNS servers, and user directories to a Discord-managed endpoint. The packages, released under three distinct accounts, include an installation script that activates during npm install, as noted by Socket security investigator Kirill Boychenko in a