On September 8th 2021, as part of greenfield research project, I discovered a
malicious package in Packagist [https://packagist.org/], the main Composer
repository. The symfont/process [https://packagist.org/packages/symfont/process]
package contains malware and uses a technique called "package typosquatting" to
target users of the