Researchers Unearth Logic Bomb Attack in Python Package Index (PyPI)
The researchers found six malicious payloads, all uploaded by a single user. The attacker designed them to run during a package’s installation. People have collectively downloaded these payloads around 5,000 times.
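A defender-side check for the install-time execution described above, as an added example that is not from the researchers or the article: it parses a package's `setup.py` without running it and reports constructs that would execute code during `pip install`. The article does not name the mechanism used; the `setup.py` hook, the indicator lists and the sample file are assumptions constructed for illustration.

```python
import ast

# Assumed indicator lists for illustration; neither comes from the article.
SUSPICIOUS_CALLS = {"exec", "eval", "__import__", "os.system", "os.popen",
                    "subprocess.run", "subprocess.Popen", "subprocess.call",
                    "subprocess.check_output", "urllib.request.urlopen"}
# setuptools commands whose run() is invoked by the installer when subclassed.
INSTALL_BASES = {"install", "develop", "egg_info", "build_py", "sdist"}

# Constructed sample setup.py (a harmless echo stands in for a payload).
SAMPLE_SETUP = '''\
from setuptools import setup
from setuptools.command.install import install
import os

class PostInstall(install):
    def run(self):
        install.run(self)
        os.system("echo constructed-sample")

setup(name="example-pkg", version="0.0.1", cmdclass={"install": PostInstall})
'''

def dotted_name(node):
    """Return 'a.b.c' for a Name/Attribute chain, else None."""
    parts = []
    while isinstance(node, ast.Attribute):
        parts.append(node.attr)
        node = node.value
    if not isinstance(node, ast.Name):
        return None
    return ".".join(reversed(parts + [node.id]))

def scan_setup_source(source):
    """Parse (never execute) setup.py text; return sorted (line, finding) pairs."""
    findings = []
    for node in ast.walk(ast.parse(source)):
        if isinstance(node, ast.Call):
            name = dotted_name(node.func)
            if name in SUSPICIOUS_CALLS:
                findings.append((node.lineno, "call:" + name))
            if name in ("setup", "setuptools.setup"):
                # cmdclass replaces the stock install/build commands
                findings += [(kw.value.lineno, "setup:cmdclass")
                             for kw in node.keywords if kw.arg == "cmdclass"]
        elif isinstance(node, ast.ClassDef):
            for base in map(dotted_name, node.bases):
                if base and base.rsplit(".", 1)[-1] in INSTALL_BASES:
                    findings.append((node.lineno, "subclass:" + base))
    return sorted(findings)
```

A hit is a triage signal, not a verdict: legitimate packages also customise install commands, and obfuscated code can evade name matching.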