MAL-2025-149501 Malicious code in winston-javascript-fork-pino (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c31d8ef523f64895d99cdf3b37549e07b7ff03de07b73488c2b778f8569fd1ab This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...