Malicious Package Discovered in npm Registry

A malicious package has been discovered in the npm registry. This package hides malicious code using invisible Unicode characters and uses Google Calendar links for its command and control servers. Technical details include the use of steganography to conceal the malicious code, making it more difficult to detect.