On September 8th 2021, as part of greenfield research project, I discovered a malicious package in Packagist, the main Composer repository. The symfont/process package contains malware and uses a technique called "package typosquatting" to target users of the popular symfony/process package which has been downloaded over 300 million