The attack, which started in May 2023 with "several" malicious packages uploaded to the Python Package Index (PyPI) official repository, was capable of impacting at least 100,000 GitHub ...