Password-stealing package outed by security firm evokes sense of déjà vu
Read more: https://www.theregister.com/2021/07/21/npm_malware_password/
Read ReversingLabs Research here: https://blog.secure.software/groundhog-day-npm-package-caught-stealing-browser-passwords