Malicious actors are constantly on the lookout for new attack vectors and techniques, using them to infiltrate even the most secure of organizations. One major covert attack vector is the software supply chain, in which the attacker doesn't target the organization itself. The Python Package Index, commonly known as PyPI or the Cheese Shop, has been the target of misuse on several occasions. We processed the entire PyPI repository with our Titanium Platform static analysis solution running on a single server with two AMD EPYC 32-core processors, 256 GB of RAM, and two 3.5 TB NVMe SSD disks.
Source: https://blog.secure.software/suppy-chain-malware-detecting-malware-in-package-manager-repositories

