The attacker employed various techniques, including distributing malicious dependencies via a fake Python infrastructure linked to GitHub projects.