27 Malicious PyPI Packages with Thousands of Downloads Found Targeting IT Experts
November 17, 2023 at 06:00AM An unidentified threat actor has been uploading malware-laden fake Python libraries to the PyPI repository for the past six months. Disguised as legitimate packages, these 27 libraries have attracted thousands of downloads from various countries. The attacker used steganography to hide malicious payloads within innocent-looking image files. The packages included … Read more