Technology ❯ Software Development ❯ Package Management
Malicious Packages Security Vulnerabilities Vulnerabilities Dependency Management CLI Tools PyPI Security Risks Malicious Code Security Trojanized Packages
Researchers say attackers used compromised push access to abuse the project's GitHub Actions release workflow and publish poisoned packages that fetch a large, multi‑channel command framework from IPFS.