Analysis of an exploited npm package

Jarrod Overson @ JSNation 2019