PyPI Python repository hit by typosquatting sneak attack

Somebody with time on their hands has tested out a devious new form of typosquatting targeting developers installing Python packages from the PyPI (Python Package Index) repository. According to an advisory published by the Slovak National Security Office (NBU), ten packages for Python 2.x were removed from the site after being found to contain malicious code hidden inside software using filenames either nearly identical to, or which could be mistaken for, legitimate ones.

Read full news article on Naked Security

 

