PyPI suspends registrations amid malware attack
The Python Package Index (PyPI) has suspended new project creation and user registration to mitigate an ongoing malware upload campaign. This move comes as security researchers at Checkmarx uncovered a campaign involving multiple malicious packages related to the same threat actors.
The attackers are targeting victims through typosquatting attacks, tricking users into installing malicious Python packages through their command-line interface. This multi-stage attack aims to steal...
Recent Comments