Dan Goodin / Ars Technica:
Researcher: counterfeit packages on the official Python repository, downloaded ~5,000 times, contained code that installed cryptomining software — Open source repositories can be vectors for badness, so look before you run. — Counterfeit packages downloaded roughly 5,000 times …
from Techmeme https://ift.tt/3jaDiW6
No comments:
Post a Comment