Malicious libraries are not uncommon in package repositories. Last year, researchers discovered ten of them in PyPi, the official third-party store for Python programming language.

Chainguard Libraries for Python integrates with existing artifact managers to empower application security teams to close this massive security hole while meeting developers how they work.

A software security engineer has identified 12 Python libraries uploaded on the official Python Package Index (PyPI) that contained malicious code.

Devs unknowingly use “malicious” modules snuck into official Python repository Code packages available in PyPI contained modified installation scripts.