Beware Of Typos That May Lead To Malicious PyPI Package Installation


Cybersecurity experts have raised alarms over a new threat vector targeting Python developers: typo-squatting on the Python Package Index (PyPI).

The notorious Lazarus group, known for its cyber espionage and sabotage activities, has been implicated in the release of malicious packages designed to exploit typographical errors made by developers when installing packages.

Read more…