Some of the ways cybercriminals steal your data are social engineering scams, ransomware and adversary-in-the-middle attacks.
The campaign spans npm, Packagist, Go, and Chrome, using obfuscated JavaScript loaders and VS Code tasks to deliver malware.