Posthog NPM packages are compromised

• November 24, 2025