A wave of dangerously deceptive npm packages has surfaced, targeting the heart of modern Node.js web applications and leaving production…