A software security engineer has identified 12 Python libraries uploaded on the official Python Package Index (PyPI) that contained malicious code.
The 12 packages have been discovered in two separate scans by a security engineer who goes online by the name of Bertus, and have long been removed from PyPI before this article’s publication.
All packages were put together and worked following a similar pattern. Their creator(s) copied the code of popular packages and created a new library, but with a slightly modified name. For example, four packages (diango, djago, dajngo, djanga) were misspellings of Django, the name of a very popular Python framework.