Ten rogue packages with misspelled names intentionally chosen to trick users have recently been found on the Python Package Index (PyPI), the main repository for community-contributed Python components. This is the latest in a string of typosquatting attacks discovered on open-source software repositories over the past few years.
Read full news article on The New Stack