Good catch, guys. Shouldn't someone also contact the operators of ptpb.pw to take down the (at least) two URLs in question? I'd also like to understand how xeactor took over the packages. Justus