Product
Threat actors, including TeamPCP, are increasingly using malicious Python packages in supply chain attacks to compromise developer devices and infrastructure by exploiting trust in Python's packaging ecosystem, leading to automatic payload execution during installation.