Malicious code in bud-live-server (npm)

The package bud-live-server was found to contain malicious code...

bud-live-server (>=0.0.0 <=0.0.5), just-a-browserify-server (>=0.0.0 <=1.0.0) potentially affected by unknown CVE via just-a-server (>=0.0.0 <=0.0.1)

just-a-server NPM version =0.0.0, =0.0.0, =0.0.0, =1.0.0 Source cves: unknown CVE Source advisory: OSV:MAL-2025-24109...

MAL-2025-16256 Malicious code in bud-live-server (npm)

The package bud-live-server was found to contain malicious code...