tanvisoul9 npm Backdoors

npm packages published by a single operator that plant SSH backdoors and full remote access trojans on developer machines. All variants exfiltrate stolen data to the tanvisoul9@gmail.com mailbox, tying the packages to one actor.