Your Code Is Not Safe: Malicious NPM Packages Are Deleting Files