Meta tag
Open-source credential theft
1 article
The .pth file that turned PyPI into a silent credential vacuum
The malicious payload activated through a 23-year-old Python feature most developers have never encountered.
28 Apr 2026
1 article
The malicious payload activated through a 23-year-old Python feature most developers have never encountered.