Software supply chain attacks continue to threaten the developer ecosystem as threat actors find new ways to infiltrate popular open-source repositories. In a recent discovery, security researchers at ThreatLabz identified a highly deceptive malicious package hosted on the Python Package Index (PyPI). The threat actor uploaded a package named “parsimonius,” executing a classic typosquatting attack […]
The post Fake Parsimonious Python Package Spreads Malware Through Package Repositories appeared first on Cyber Security News.