Malicious npm packages posing as utilities delete project directories Two malicious have been discovered in the JavaScript package index, which masquerades useful but, reality, are destructive data wipers that entire application directories.