The Python Package Index, better known among developers as PyPI, has issued a warning about a phishing attack targeting developers who use the service.
The community-run organization said this is the first known phishing attack against PyPI users. And the attack has unfortunately been somewhat successful, resulting in the compromise of some users’ accounts.
PyPI is an online package registry where Python programmers can download code modules for their applications and can host software libraries for the benefit of the Python community.
Source: The Register