Entries about malicious packages not in "MAL-" namespace #348
Description
Hello, and first of all, thanks for all the amazing work you do for the community.
I identified several entries related to malicious PyPI packages that are not in the "MAL-" namespace:
PYSEC-2025-3
PYSEC-2025-4
PYSEC-2025-5
PYSEC-2025-6
PYSEC-2025-7
PYSEC-2025-8
PYSEC-2022-199
PYSEC-2024-152
It is a bit tricky to keep track of this unique type of vulnerability entries (Malicious packages) when they are not in that namespace.
Should these entries have assigned a new "MAL-" ID? Or should a new field be added to the schema indicating this type of risk?
Looking forward you thoughts!