Showing only posts tagged counterfeit. Show all posts.

Ahoy, there’s malice in your repos—PyPI is the latest to be abused

Source

Enlarge (credit: Getty Images) Counterfeit packages downloaded roughly 5,000 times from the official Python repository contained secret code that installed cryptomining software on infected machines, a security researcher has found. The malicious packages, which were available on the PyPI repository, in many cases used names that mimicked those …