As many as eight Python packages that were downloaded more than 30,000 times have been removed from the PyPI portal for containing malicious code, once again highlighting how software package repositories are evolving into a popular target for supply chain attacks. « Lack of moderation and automated security controls in public software repositories allow even inexperienced attackers to use them
Source de l’article sur The Hacker News