An automated malicious attack was recently carried out in npm. To my understanding, such an attack is possible with NuGet using scripts like init.ps1. A cursory look at my local nuget packages cache ...