In what’s yet another instance of malicious packages creeping into public code repositories, 10 modules have been removed from the Python Package Index (PyPI) for their ability to harvest critical data points such as passwords and Api tokens.
The packages “install info-stealers that enable attackers to steal developer’s private data and personal credentials,” Israeli cybersecurity firm Check
lecrab