Npm Trojan Bypasses UAC, Installs AnyDesk with « Oscompatible » Package

A malicious package uploaded to the npm registry has been found deploying a sophisticated remote access trojan on compromised Windows machines.
The package, named « oscompatible, » was published on January 9, 2024, attracting a total of 380 downloads before it was taken down.
oscompatible included a « few strange binaries, » according to software supply chain security firm Phylum, including a single