Malicious package flood on PyPI might be sign of new attacks to come

02 March 2023
Over the weekend, an attacker was found uploading thousands of malicious Python packages to the public PyPI software repository. If executed on a Windows system, these packages will download and install a Trojan program hosted on Dropbox.