Blog | G5 Cyber Security

Compromised JavaScript Package Caught Stealing npm Credentials

A hacker gained access to a developer’s npm account and injected malicious code into a popular JavaScript library. The malicious code was designed to steal the npm credentials of users who use the poisoned package in their projects. The hacker used a newly generated npm token to authenticate and push a new version of the eslint-scope library to the npm repository of JavaScript packages. The developer whose account was compromised has changed his password, enabled two-factor authentication, and generated new tokens to access his existing libraries.

Source: https://www.bleepingcomputer.com/news/security/compromised-javascript-package-caught-stealing-npm-credentials/
