Malicious code in nottuff16 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 570cc848bb0e31176fc13945f1cfbd39b64a671de7e2d1913b6951513c0b21b8 The tarball ships auto-publish.sh, a script that republishes the same payload under 100 distinct npm names ishowfeet1-ishowfeet20, nottuff1-nottuff30...