A case study on detecting npm supply chain attacks through runtime monitoring and baseline anomaly detection