PyPI halted new users and projects while it fended off supply-chain attack
Automation is making attacks on open source code repositories harder to fight.
A pernicious potpourri of Python packages in PyPI
The past year has seen over 10,000 downloads of malicious packages hosted on the official Python package repository, ESET research finds.