William Khem-Marquez discovered that using malicious plugins for the the Babel JavaScript compiler could result in arbitrary code execution during compilation