Morning Bowl - 2022-08-25

Welcome to another Morning Bowl breakout:

PyPI Repository Warns Python Project Maintainers About Ongoing Phishing Attacks
The Python Package Index, PyPI, on Wednesday sounded the alarm about an ongoing phishing campaign that aims to steal developer credentials and inject malicious updates to legitimate packages. "This is the first known phishing attack against PyPI," the maintainers of the official third-party software repository said in a series of tweets. The social engineering attack entails sending
Read more....