Supply Chain Phishing Campaign Drops More Malware Into NPM: got-fetch 5.1
ID: b982b114-df08-5760-bb0c-c33ee266b4b6
STIX ID: report--b982b114-df08-5760-bb0c-c33ee266b4b6
Feed Name: Checkmarx Zero
Checkmarx discovered that npm package got-fetch versions 5.1.11 and 5.1.12 were backdoored after a maintainer's account was compromised through a phishing campaign; the malicious releases bundled a Pycoon information stealer (crashreporter.dll). The maintainer and npm have since deprecated and removed those versions, but the advisory warns that cached copies in internal registries or already-deployed containers may persist. It provides indicators (the relevant package.json and package-lock entries and the hash of the malicious DLL), lists other affected packages, and gives remediation steps: migrate to the built-in Node.js fetch, upgrade or downgrade got-fetch to an unaffected version, remove cached and deployed instances, and update detection tooling.
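The remediation steps above start with finding where the affected got-fetch releases are still referenced. The following script is an added example, not part of the Checkmarx advisory or the got-fetch project: it checks a package-lock.json (both the lockfileVersion 1 nested tree and the lockfileVersion 2/3 flat "packages" map) and a package.json for the two version numbers named in the summary. The sample lockfile and manifest contents are constructed for the demonstration; the DLL hash is not reproduced here because it is not given on this page.

```python
import json
import sys
from typing import Dict, List, Set

# Versions named in the advisory summary above. Extend this map with the
# "other affected packages" from the full advisory once you have it.
AFFECTED: Dict[str, Set[str]] = {"got-fetch": {"5.1.11", "5.1.12"}}


def _walk_v1(deps: dict, prefix: str, hits: List[dict]) -> None:
    """Recurse through the nested lockfileVersion 1 'dependencies' tree."""
    for name, meta in (deps or {}).items():
        version = meta.get("version")
        install_path = f"{prefix}node_modules/{name}"
        if version in AFFECTED.get(name, set()):
            hits.append({"package": name, "version": version, "path": install_path})
        _walk_v1(meta.get("dependencies"), install_path + "/", hits)


def find_affected_in_lock(lock: dict) -> List[dict]:
    """Return every resolved install of an affected package version in a lockfile."""
    hits: List[dict] = []
    packages = lock.get("packages") or {}
    # lockfileVersion 2/3: flat map keyed by install path ("" is the root project).
    for install_path, meta in packages.items():
        if not install_path:
            continue
        # Scoped packages keep their "@scope/name" suffix after the last node_modules/.
        name = meta.get("name") or install_path.rsplit("node_modules/", 1)[-1]
        version = meta.get("version")
        if version in AFFECTED.get(name, set()):
            hits.append({"package": name, "version": version, "path": install_path})
    # lockfileVersion 1 only has the nested tree; v2 carries both, so avoid double counting.
    if not packages and "dependencies" in lock:
        _walk_v1(lock["dependencies"], "", hits)
    return hits


def find_pinned_in_manifest(manifest: dict) -> List[dict]:
    """Flag package.json specs whose base version is an affected release.

    A range such as ^5.1.11 is flagged because npm may resolve it to a bad
    version; the lockfile result is authoritative for what is actually installed.
    """
    hits: List[dict] = []
    for field in ("dependencies", "devDependencies", "optionalDependencies"):
        for name, spec in (manifest.get(field) or {}).items():
            base = spec.lstrip("^~=v")
            if base in AFFECTED.get(name, set()):
                hits.append({"package": name, "spec": spec, "field": field})
    return hits


# Constructed sample inputs (not taken from the advisory).
SAMPLE_LOCK_V3 = {
    "lockfileVersion": 3,
    "packages": {
        "": {"name": "demo-app", "version": "1.0.0"},
        "node_modules/got": {"version": "12.6.1"},
        "node_modules/got-fetch": {"version": "5.1.12"},
    },
}
SAMPLE_LOCK_V1 = {
    "lockfileVersion": 1,
    "dependencies": {
        "got-fetch": {"version": "5.1.11"},
        "some-lib": {
            "version": "2.0.0",
            "dependencies": {"got-fetch": {"version": "5.1.12"}},
        },
    },
}
SAMPLE_MANIFEST = {"dependencies": {"got-fetch": "^5.1.11", "got": "^12.0.0"}}


def main(argv: List[str]) -> int:
    """Usage: python scan.py package-lock.json [package.json]; exit 1 if anything is flagged."""
    if len(argv) < 2:
        lock_hits = find_affected_in_lock(SAMPLE_LOCK_V3)
        manifest_hits = find_pinned_in_manifest(SAMPLE_MANIFEST)
    else:
        with open(argv[1]) as f:
            lock_hits = find_affected_in_lock(json.load(f))
        manifest_hits = []
        if len(argv) > 2:
            with open(argv[2]) as f:
                manifest_hits = find_pinned_in_manifest(json.load(f))
    for hit in lock_hits + manifest_hits:
        print("FLAGGED:", hit)
    return 1 if (lock_hits or manifest_hits) else 0


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

Run it against each repository's lockfile and, separately, against the node_modules/got-fetch/package.json extracted from deployed container images, since the summary notes that removal from the public registry does not purge copies already cached or deployed.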
