Malicious NPM Packages Steal Linux and Unix Password Files of Amazon, Slack, and More New malicious NPM packages are targeting Amazon, Slack, Zillow, and Lyft code repositories. Experts claim they are currently stealing Linux and Unix password files. by Giuliano J. de Leon