July 2025 maintainer-phishing compromise that pushed malware through eslint-config-prettier, eslint-plugin-prettier, synckit, @pkgr/core and napi-postinstall, packages with tens of millions of weekly downloads.
Objective
Distribute Windows malware through trusted, high-download npm packages.
