Cybersecurity researchers are warning of “imposter packages” mimicking popular libraries available on the Python Package Index (PyPI) repository.
The 41 malicious PyPI packages have been found to pose as typosquatted variants of legitimate modules such as HTTP, AIOHTTP, requests, urllib, and urllib3.
The names of the packages are as follows:
aio5, aio6, htps1, httiop, httops, httplat, httpscolor
Can you write more about it? Your articles are always helpful to me. Thank you!