Malicious open source packages reach 1.346 million as attackers abuse trusted software, release paths, and developer ...