An active campaign named 'PhantomRaven' is targeting developers with dozens of malicious npm packages that steal authentication tokens, CI/CD secrets, and GitHub credentials.

An advanced malware campaign on the npm registry steals the very keys that control enterprise cloud infrastructure.