Skip to content Between June 24 and June 26 several researchers reported a new variant in the Miasma lineage spreading across npm, with open-source malware tracking from OpenSourceMalware confirming the package set and affected versions. The npm maintainer account czirker, which owns the LeoPlatform (leo-* and rstreams-*) package family, was compromised: every package under the account was republished with a malicious index.js.