A malicious package named 'replica-num-calculator' was recently added to the Python Package Index (PyPI) with a security namespace reservation. The package targets Python developers by impersonating a legitimate utility, potentially leading to supply-chain attacks or credential theft. Users installing this package risk exposing their development environments to unauthorized access or data exfiltration.
replica-num-calculator added to PyPI
A malicious package named 'replica-num-calculator' was recently added to the Python Package Index (PyPI) with a security namespace reservation. The package targets Python developers by impersonating a legitimate utility, potentially leading to supply-chain attacks or credential theft. Users installing this package risk exposing their development environments to unauthorized access or data exfiltration.