I guess after using the NPM and PyPI repositories to distribute compromised packages, malicious actors have moved to Minecraft plugin/mod repos.
Minecraft mod BOM’s when?
You must log in or register to comment.
I’m kinda surprised this hasn’t happened sooner.