Hijacked S3 buckets used in attacks on npm packages

Cybercrooks use abandoned AWS storage tool to deliver malware

Miscreants are using expired Amazon Web Services (AWS) S3 buckets to place malicious code into a legitimate package in the npm repository without having to tinker with any code.…

from The Register