Detected presence of known software supply chain attack artifacts. (x5)

Detected presence of malicious files by a machine learning algorithm. (x1)

Detected presence of malicious files through analyst-vetted file reputation. (x5)

Detected presence of files with behaviors that match the infostealer malware profile. (x2)

Detected presence of files with behaviors similar to malicious packages published on PyPI. (x2)

Detected presence of software components that were removed from the public package repository. (x1)

Detected presence of software components that have low popularity or number of downloads. (x1)

Detected presence of files with behaviors commonly used by malicious software. (x2)

Detected presence of files containing domains related to out-of-band application security testing tools. (x2)

Detected presence of software components that are rarely included by other public software packages. (x1)