@swapgs
Pwning Composer which serves 2 billion software packages every month. More than a hundred million of these requests could have been hijacked to distribute malicious dependencies and compromise millions of servers. https://www.sonarsource.com/blog/securing-developer-tools-a-new-supply-chain-attack-on-php/