PyPI is popular among Python programmers for sharing and downloading code. Since anyone can contribute to the repository, malware – sometimes posing as legitimate, popular code libraries – can appear ...
A new software supply chain attack is being exploited in the wild, according to security researchers. The technique targets Python applications distributed via the Python Package Index, or PyPI.