Malicious code in postcss-xanthus-gulp-subscription (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector adc387ce7ccdab7159902519e5efccdb38cb7e21391b157e4e4873a12630de6c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...