Sophisticated, Highly-Targeted Attacks Continue to Plague npm

https://blog.phylum.io/sophisticated-highly-targeted-attacks-continue-to-plague-npm/

tl;dr several packages were recently published to npm that appear to be subtle command and control. Behaviors of the infrastructure seem to mimic those recently identified by Phylum as being nation state activity from North Korea.