PyPI Suspends Uploads
In what is very likely an unprecedented event; this past weekend (5/20-5/21) PyPI.org suspended new user creation and new project additions. As explained in their incident page: a shortage of staff combined with the pace of malicious uploads has grown to a level that PyPI didn’t feel they could keep up over the weekend (Read: they needed a break) I rather suspect that the increased volume of malware is a side effect of recent media attention on the PyPI repository as an attack vector as well as increased reporting by security organizations such as Vipyr Security who scan PyPI’s repositories for threat actors....