Malicious Package
of stream-combine has malicious code design to steal credentials and credit card information.This package is not available on the npm Registry anymore. If you used this module and your application processed credentials or credit card information, it is possible that information was stolen.