MAL-2025-149087 Malicious code in vega-css-loader-json-mensa (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b9ed9e0c56378cf0db01dbf06e8ed7f5f59821afc593e4fc9501eefb82615d14 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...