Researchers have discovered a novel attack on the Python Package Index (PyPI) repository that employs compiled Python code to sidestep detection by application security tools.
« It may be the first supply chain attack to take advantage of the fact that Python bytecode (PYC) files can be directly executed, » ReversingLabs analyst Karlo Zanki said in a report shared with The Hacker News.
The package
