A npm package maintainer has fallen victim to a phishing attackThe attackers accessed packages and updated them to carry malwareMost antivirus programs are still not properly flagging the malicious ...