Software in Python Package Index (PyPI) and Hypertext Preprocessor (PHP) repositories have been targeted in supply-chain attacks, which researchers say are aimed at stealing users' Amazon Web ...