Python, JavaScript Developers Targeted With Fake Packages Delivering Ransomware
On Friday, Phylum security researchers warned that a threat actor was typosquatting popular PyPI packages to direct developers to malicious dependencies containing code to download payloads written in Golang (Go).