ir-22-230-001 (1)

10777368500?profile=RESIZE_400xSecurity researchers have identified more than 20 malicious PyPI packages designed to steal passwords and other sensitive information from the victims’ machines.   Investigators are warning of two such packages ‘ultrarequests’ and ‘pyquest’ that were masquerading as ‘requests’, a highly popular open source package.  The malicious repositories copied the description from the legitimate package and contained fake statistics.  PyPI as an index which allows users to search for packages by keywords o