Malicious code in nottuff29 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 074e027c282713fdcd142d97a0a6b07a661db091f58be50fd7fb9dfa724b968f The tarball ships auto-publish.sh, a script that republishes the same payload under 100 distinct npm names ishowfeet1-ishowfeet20, nottuff1-nottuff30...