A new deceptive package hidden within the npm package registry has been uncovered deploying an open-source rootkit called r77, marking the first time a rogue package has delivered rootkit functionality. The package in question isnode-hide-console-windows, which mimics the legitimate npm packagenode-hide-console-windowin what’s an instance of a typosquatting campaign. It wasdownloaded 704