After briefly suspending new user registrations and package uploads, the Python Package Index (PyPI) repository is operational again. While some initially attributed the suspension to an influx of malicious packages inundating the site, a PyPI administrator clarified that there was no significant surge, but rather a shortage of personnel to handle the usual volume. PyPI, the official software repository for Python, has a user base of over 700,000 and hosts more than 450,000 projects, as stated on its homepage. Due to its popularity, it has become a target for hackers who aim to introduce harmful packages as a starting point for supply chain breaches. Starting on Saturday afternoon (UTC), PyPI temporarily halted new user and project registrations.
In a recent collaboration with NK News, SentinelLabs, a renowned cybersecurity firm, has uncovered a targeted social engineering campaign orchestrated by the North Korean Advanced Persistent Threat (APT) group known as Kimsuky.