A targeted supply chain attack attributed to Famous Chollima compromised a development branch of the legitimate PHP package 'roberts/leads' on Packagist. The attackers injected an obfuscated JavaScript loader into a tailwind.js configuration file, which utilizes blockchain RPC infrastructure as a dead drop to retrieve and execute secondary payloads like DEV#POPPER RAT, likely as part of a Contagious Interview developer lure.