Malicious packages uploaded to PyPI, NPM, and Ruby repositories are targeting macOS users with information stealing malware.