39 malicious packages were removed from the Node.js package management registry. Packages are used by developers to implement common functions without having to write the code from scratch. The packages had the same functionality as the original ones with an additional ability to transfer copies of data elsewhere. Developers should check for both version numbers and the source of the package when looking for potential bad packages. There is nothing stopping package owners from using similar names, and just having similar names doesnt automatically mean malicious intent.”]