Cybersecurity Alert: SSH Key Theft Embedded in Popular NPM Packages