When a GitHub repository that hasn’t been touched for almost a decade suddenly gets an “update”, users should be wary, as it might just be a hostile takeover with the intention of distributing viruses ...