all InfoSec news
Developers beware: Imposter HTTP libraries lurk on PyPI
ReversingLabs Blog blog.reversinglabs.com
While monitoring different malicious packages found in public software repositories, ReversingLabs researchers have noticed an increase of malicious HTTP libraries on the Python Package Index (PyPI) repository. Actually, we should air-quote “HTTP libraries.” In reality, most of these are simple, malicious packages bearing names that are Frankenstein-like amalgamations of the acronym "HTTP".
dev & devsecops developers http imposter malicious malicious packages monitoring names package packages public pypi python python package python package index repositories repository researchers reversinglabs simple software threat research