Researchers say the malware was in the repository for two weeks, advise precautions to defend against malicious packages.

From Google to Microsoft, European newsrooms often rely on tools built in Silicon Valley. Some are trying to break free, turning to open-source alternatives or home-grown solutions.