Cybersecurity researchers are warning of “imposter packages” mimicking popular libraries available on the Python Package Index (PyPI) repository.
The 41 malicious PyPI packages have been found to pose as typosquatted variants of legitimate modules such as HTTP, AIOHTTP, requests, urllib, and urllib3.
The names of the packages are as follows:
aio5, aio6, htps1, httiop, httops, httplat, httpscolor