Malicious actors are increasingly dropping malware packages into open source software repositories in the hope that developers will spread that malicious code throughout their applications.
