News
Hosted on MSN3mon
Deceptive packages and the threat of typos - MSN
The attackers primarily target users of Colorama, a popular Python package, and Colorizr, a similar tool used in JavaScript (NPM).
How many of you have downloaded packages from PyPi without looking through all of the source? pip install colorama? We’d guess that it’s nearly all of us who use Python.
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback