This package adds the attacker's public SSH key to the user's authorized_keys file, creating a backdoor.
{ "malicious-packages-origins": null }