PSF Warns of Fake PyPI Login Site Stealing User Credentials
hackread.com
The Python Software Foundation (PSF) is warning developers about a fresh phishing campaign that targets users of the Python Package Index (PyPI) with convincing but fake emails and a fake login site.
The emails ask recipients to verify their account details for “maintenance and security procedures.” Those who don’t follow the instructions are threatened with account suspensions, and the link they are urged to click leads to a spoofed site hosted at pypi-mirror.org.
Seth Larson, a developer at the PSF, explained that anyone who entered their credentials on the phishing site should change their PyPI password right away and review their account’s Security History for any unusual activity. He also encouraged users to report suspicious emails or phishing attempts directly to [email protected].
The danger behind these attacks is not limited to individual accounts. Once threat actors obtain login details, they can tamper with trusted packages already ...
Copyright of this story solely belongs to hackread.com.