To avoid compromised packages being introduced as a dependency in a larger project, security teams need to keep an eye peeled for such malicious code.
