Two malicious NPM packages posing as WhatsApp development tools have been discovered deploying destructive data-wiping code that recursively deletes files on a developer's computers.

Two malicious NPM packages currently available in the registry target WhatsApp developers with destructive data-wiping code.

The packages, discovered by researchers at Socket , masquerade as WhatsApp socket libraries and were downloaded over 1,100 times since their publication last month.

Despite Socket having filed takedown requests and flagging the publisher, nayflore, both remain available at the time of writing.

The names of the two malicious packages are naya-flore and nvlore-hsc , though the same publisher has submitted more on NPM, like nouku-search, very-nay, naya-clone, node-smsk, and @veryf

See Full Page