Malicious code in @onerjs/serializers (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 729400f12e8686271847d4633518c63363e156c251d18ede6f1d2e947aa2c0e0 This package replicates the public API of @babylonjs/serializers and ships its source verbatim, but rewrites every internal import from @babylonjs/co...

MAL-2026-4413 Malicious code in @onerjs/serializers (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 729400f12e8686271847d4633518c63363e156c251d18ede6f1d2e947aa2c0e0 This package replicates the public API of @babylonjs/serializers and ships its source verbatim, but rewrites every internal import from @babylonjs/co...

MAL-2026-4412 Malicious code in @onerjs/procedural-textures (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0986739ab06b1514203d94938604b093b9ddfa2126a452ae0cc92795123a153a Package is published as @onerjs/procedural-textures but its metadata identifies it as the Babylon.js Procedural Textures Library: package.json declar...