"People downloading open source packages should take extra care in making sure the item they’re downloading is legitimate and not malware masquerading as something legitimate." Click to expand ...