The Python code repository was infiltrated by malware bent on data exfiltration from developer apps and more. Three malicious packages hosted in the Python Package Index (PyPI) code repository have been uncovered. The trojanized package is called aws-login0tool, and once the package is installed, it fetches a payload executable that turns out to be a known trojan. The packages can be used to take over unsuspecting users accounts and servers, according to the researcher.”]
Source: https://threatpost.com/malicious-pypi-code-packages/176971/

