Malicious code in nottuff12 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector beeb7a0cb302b59468d0c8e75f4eac559afebefdf4526e4ed0832ab6ffc738ad The tarball ships auto-publish.sh, a script that republishes the same payload under 100 distinct npm names ishowfeet1-ishowfeet20, nottuff1-nottuff30...