Cybersecurity researchers have flagged a new set of 175 malicious packages on the npm registry that have been used to facilitate credential harvesting attacks as part of an unusual campaign.
The packages have been collectively downloaded 26,000 times, acting as an infrastructure for a widespread phishing campaign codenamed Beamglea targeting more than 135 industrial, technology, and energy companies across the world, according to Socket.
"While the packages' randomized names make accidental developer installation unlikely, the download counts likely include security researchers, automated scanners, and CDN infrastructure analyzing the packages after disclosure," security researcher Kush Pandya said.
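A defender-side heuristic for this pattern, added here as an example that is not Socket's tooling or code from the article: it parses constructed proxy log lines and flags fetches from unpkg.com or the npm registry of packages whose names look machine-generated. The log format, the randomness thresholds and the sample package names are assumptions.

```python
import re
from typing import Optional
from urllib.parse import urlparse

# Constructed sample proxy log lines (not from the article): time, client, method, URL, status.
SAMPLE_LOG = """\
2024-10-08T10:01:02Z 10.0.0.14 GET https://unpkg.com/react@18.2.0/umd/react.production.min.js 200
2024-10-08T10:01:09Z 10.0.0.14 GET https://unpkg.com/lodash@4.17.21/lodash.js 200
2024-10-08T10:02:31Z 10.0.0.27 GET https://unpkg.com/x7q9mzkt2pl@1.0.0/index.html 200
2024-10-08T10:02:33Z 10.0.0.27 GET https://unpkg.com/@acme/design-tokens@2.3.1/dist/tokens.css 200
2024-10-08T10:03:40Z 10.0.0.31 GET https://unpkg.com/hg4n8vzq1w3e@1.0.1/login.html 200
2024-10-08T10:04:02Z 10.0.0.31 GET https://registry.npmjs.org/hg4n8vzq1w3e/-/hg4n8vzq1w3e-1.0.1.tgz 200
"""

CDN_HOSTS = {"unpkg.com", "registry.npmjs.org"}

def package_name(url: str) -> Optional[str]:
    """Extract the npm package name from an unpkg.com or registry.npmjs.org URL."""
    p = urlparse(url)
    if p.hostname not in CDN_HOSTS:
        return None
    parts = [s for s in p.path.split("/") if s]
    if not parts:
        return None
    if parts[0].startswith("@") and len(parts) > 1:  # scoped package: @scope/name@version
        name = parts[0] + "/" + parts[1]
    else:
        name = parts[0]
    return re.sub(r"@[^/]*$", "", name)  # drop a trailing @version, if present

def looks_randomized(name: str) -> bool:
    """Heuristic (assumed thresholds): real names read like words; generated ones
    interleave letters and digits or contain almost no vowels."""
    base = name.split("/")[-1].lower()
    transitions = sum(1 for a, b in zip(base, base[1:]) if a.isdigit() != b.isdigit())
    letters = [c for c in base if c.isalpha()]
    vowel_ratio = sum(c in "aeiou" for c in letters) / len(letters) if letters else 0.0
    return transitions >= 3 or (len(base) >= 8 and vowel_ratio < 0.15)

def flag_suspicious(log_text: str) -> list:
    """One finding per log line that fetched a randomized-looking package from npm/unpkg."""
    findings = []
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) < 5:
            continue
        ts, client, _method, url, _status = fields[:5]
        name = package_name(url)
        if name and looks_randomized(name):
            findings.append({"time": ts, "client": client, "package": name, "url": url})
    return findings

if __name__ == "__main__":
    for f in flag_suspicious(SAMPLE_LOG):
        print(f"{f['time']} {f['client']} fetched suspicious package {f['package']}: {f['url']}")
```

A hit is a lead for triage, not proof of compromise; the next step is checking what the fetched HTML or script redirects to and whether the client then submitted credentials to an unfamiliar host.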
The packages have been found to use npm's public registry and unpkg.com's CDN to