Malicious code in nottuff10 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aec6b68489cb95001c5971ace33533e31169126fb141feea65e198756e66c05c The tarball ships auto-publish.sh, a script that republishes the same payload under 100 distinct npm names ishowfeet1-ishowfeet20, nottuff1-nottuff30...