Administrators of the Python Paket Pypi (Python Package Index) after it turned out that it became clear that it turned out that it became clear that it became clear that it became clear 1,500 projects were created not by attackers, but by a security team in the VK company, which owns the Inbox.ru domain. The goal was stated to prevent potential attacks on external libraries used in VK. VK representatives apologized and assured that they would no longer register projects to identify and prevent attacks.
Recall that last week the use of @inbox.ru postal addresses was blocked in PYPI due to the registration of more than 1,500 projects that could be used for attacks on users, the following recommendations Mistakers in writing the names of packages. The projects used the names of nonexistent libraries that are mistakenly recommended by large language models (scrapswotting) or similar to the names of popular projects.