Malicious NPM Packages Disguised With 'Invisible' Dependencies

In the "PhantomRaven" campaign, threat actors published 126 malicious npm packages that have flown under the radar, while collecting 86,000 downloads.