2 comments

[ 3.1 ms ] story [ 16.1 ms ] thread
(comment deleted)
There are something like 50 Github accounts spamming clones of packages with no git history, which still somehow show as forks of existing packages, and contain the same malicious loader. I reported a few, but this is a bit beyond me.