MAL-2026-6784 Malicious code in @marketfront/livestreampreviewpopup (npm)
The @marketfront/livestreampreviewpopup package is part of a 25-package malicious campaign batch-published to the @marketfront npm scope by npm user 'marketfront' [email protected] within a roughly 3-minute window on 2026-07-01. All packages in the campaign were published at version 7.0.0...