Trojan:JS/CoinMiner in npm files

Hello, I am a front end developer and use Vue.js and Visual Studio Code and have had an issue recently with scripts not running in my terminal so decided to fault find. All programmes that I can think of are up to date, and today I decided to do a full windows defender scan and found the above file. I cannot say how to reproduce it as I'm not sure how I got it in the first place. These are my global packages: `PS C:\web-dev\adp-run> npm list -g --depth 0 C:\Users\mada7\AppData\Roaming\npm +-- @vue/[email protected] +-- @vue/[email protected] +-- [email protected] +-- [email protected] +-- [email protected] +-- [email protected] +-- [email protected] +-- [email protected] +-- [email protected] `-- [email protected]` I’ve done some research and cant find what npm package the file came from (if any) so was wondering if : I) This file is from a compromised npm package I’ve used? II) This file is from node.js? I’ve done a fresh install of node within the last 7 days III) Whether I’m one of many infected with this malware, I am not aware of using the event-stream package that was infected previously Thanks for any help, Windows Defender tells me the threat is blocked. Adam ## Impact This threat can perform a number of actions of a malicious hacker's choice