*`package.json` includes a `preinstall` script running `node setup_bun.js`, along with `setup_bun.js` and `bun_environment.js` files that appear to contain the malware.*