JFrog Security's research team has uncovered 17 malicious packages in the npm repository, demonstrating the increasing sophistication and stealthiness of attacks on open-source software. These packages, which have been removed from the repository, largely target Discord tokens, offering attackers full access to victims' Discord accounts. The payloads of these malicious packages range from infostealers to remote access backdoors, employing infection tactics like typosquatting, dependency confusion, and Trojan functionality. The motivation behind stealing Discord tokens includes using compromised accounts for further attacks, malware distribution, or selling premium Discord accounts. This discovery underscores the importance of vigilance in software curation and the need for automated security measures, such as those provided by JFrog Xray, to detect vulnerabilities and protect against emerging threats in open-source repositories.