NPM, PyPi, and NuGet Open-Source Software Repositories Flooded by 144,000 Phishing Packages
NuGet had the largest share of malicious package uploads, counting 136,258, PyPI had 7,894 infections, and NPM only had 212. The phishing packages were uploaded in troves within a couple of days, which is commonly a sign of malicious activity.