Multiple hijacked npm cryptocurrency packages exfiltrate sensitive environment variables via obfuscated scripts and pose risks to open source ecosystems.| www.sonatype.com
