2 matches found
Malicious code in winston-boson-publish-cluster (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c5443c2030097f72cca3da1bb12aa17e11ac24d30b75d4b58b456b05ae958239 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-175547
Malicious code in winston-boson-publish-cluster npm...