Re: [sage-devel] Python security: PyPI hijack exposes 22K+ packages to takeover attacks

2024-09-09 Thread Michael Orlitzky
On 2024-09-09 12:43:12, Georgi Guninski wrote:
>
> The DevOps and security firm estimates there are around 22,000
> packages in PyPI vulnerable to a revive hijack attack, and the
> researchers noted they've already spotted the technique being used in
> the wild to infect the pingdomv3 package.

Sol

[sage-devel] Python security: PyPI hijack exposes 22K+ packages to takeover attacks

2024-09-09 Thread Georgi Guninski
https://www.theregister.com/2024/09/09/predator_spyware_trump_crypto/
Mon 9 Sep 2024 // 02:00 UTC

Pasting from the above:

PyPI hijack exposes 22K+ packages to takeover attacks

Security researchers monitoring open source packages have spotted nasty folk waiting for a package to be deleted and re