The researchers found six malicious payloads, all uploaded by a single user. The attacker designed them to run during a package’s installation. People have collectively downloaded these payloads around 5,000 times.
Support the originator by clicking the read the rest link below.