Another popular NPM library is identified using malicious packagesnyk.io2 pointssungju12038 years ago