Active Supply Chain Attack: npm Phishing Campaign Leads to P...
Hours after we reported on the npm phishing campaign using the typosquatted npnjs.com site, we’re now seeing the first major fallout: popular npm packages, including eslint-config-prettier and eslint-plugin-prettier, were compromised when a maintainer’s npm token was stolen via the phishing email. A suspicious activity report in a GitHub issue on the eslint-config-prettier repo revealed that four new versions of eslint-config-prettier were published with no corresponding commits or PRs on GitHub. M...
Read more at socket.dev