/ NPM allow masquerade a malicious package npm that allows threat actors to masquerade a malicious package as legitimate and trick unsuspecting developers into installing it https://blog.aquasec.com/npm-package-planting 1.5K views14:13