Researcher: counterfeit packages on the official Python repository, downloaded ~5,000 times, contained code that installed cryptomining software (Dan Goodin/Ars Technica)

Dan Goodin / Ars Technica:Researcher: counterfeit packages on the official Python repository, downloaded ~5,000 times, contained code that installed cryptomining software  —  Open source repositories can be vectors for badness, so look before you run.  —  Counterfeit packages downloaded roughly 5,000 times …

Researcher: counterfeit packages on the official Python repository, downloaded ~5,000 times, contained code that installed cryptomining software (Dan Goodin/Ars Technica)

Dan Goodin / Ars Technica:
Researcher: counterfeit packages on the official Python repository, downloaded ~5,000 times, contained code that installed cryptomining software  —  Open source repositories can be vectors for badness, so look before you run.  —  Counterfeit packages downloaded roughly 5,000 times …