Malicious Code Found in CPAN Package Module-AutoLoad
Tue, 28-Jul-2020 by Dave Rolsky
The Module-AutoLoad distribution has been found to contain malicious code in its test suite. Specifically, the tests attempt to load and execute Perl code from a remote server when they run. While initially this payload may not have been malicious, this is no longer the case. You can read the IRC discussion about this along with some summary details in an [email from Ryan Voots to the modules@perl.org list](https://www.nntp.perl.org/group/perl.modules/2020/07/msg101453.html).
All versions of the distribution have been removed from PAUSE and the author's PAUSE account has been locked to prevent any future uploads. However, it is still available on MetaCPAN (for now), so some CPAN tools like cpanminus may attempt to install it directly from MetaCPAN.
It's unlikely that this distribution saw wide use, since even its own docs acknowledge that it's entirely unsuitable for use.
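To check a machine for this distribution without loading the module or running its tests, the following added example (not part of the original post) searches perl's `@INC` for `Module/AutoLoad.pm` and a cpanminus work directory for unpacked `Module-AutoLoad-*` builds. The function names and the `--scan` switch are this example's own; the `~/.cpanm/work` location and the `PERL_CPANM_HOME` override assume a default cpanminus setup.

```shell
#!/bin/sh
# Added example: look for traces of Module-AutoLoad WITHOUT loading the module
# or running its tests. Paths assume stock perl and cpanminus layouts.

# Print Module/AutoLoad.pm and its .packlist if present under the given dirs.
find_installed() {
    for dir in "$@"; do
        [ -d "$dir" ] || continue
        for rel in Module/AutoLoad.pm auto/Module/AutoLoad/.packlist; do
            if [ -e "$dir/$rel" ]; then printf '%s\n' "$dir/$rel"; fi
        done
    done
}

# Print unpacked Module-AutoLoad-* build dirs under a cpanminus work dir.
# A hit means a build was started there, whether or not the install finished.
find_build_traces() {
    work=${1:-"${PERL_CPANM_HOME:-${HOME:-}/.cpanm}/work"}
    [ -d "$work" ] || return 0
    find "$work" -maxdepth 2 -type d -name 'Module-AutoLoad-*' 2>/dev/null
}

# List perl's @INC directories by reading the variable only (nothing is loaded).
perl_inc() {
    perl -e 'print "$_\n" for grep { !ref($_) && -d $_ } @INC'
}

# Check the current host: installed files first, then build leftovers.
scan_host() {
    command -v perl >/dev/null 2>&1 || { echo "perl not found" >&2; return 2; }
    perl_inc | while IFS= read -r d; do find_installed "$d"; done
    find_build_traces
}

# Run as: sh script.sh --scan   (exit 1 = traces found, 2 = could not scan)
if [ "${1:-}" = "--scan" ]; then
    hits=$(scan_host) || exit 2
    if [ -n "$hits" ]; then printf 'FOUND:\n%s\n' "$hits"; exit 1; fi
    echo "no Module-AutoLoad traces found"
fi
```

cpanminus cleans up old work directories, so an empty result from `find_build_traces` does not rule out an earlier build on that host.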