Two malicious packages leveraging the DeepSeek name have been published to the Python Package Index (PyPI) package repository, and in the 30 minutes or so they were up, they have been downloaded 36 times. The malicious packages The attack started on January 29, 2025, when an existing account published two packages. Named deepseeek and deepseekai, the packages were ostensibly client libraries for access to and interacting with the DeepSeek AI API, but they contained functions … More
The post DeepSeek’s popularity exploited to push malicious packages via PyPI appeared first on Help Net Security.
This article has been indexed from Help Net Security