VMware VSphere dependency confusion attempt caught by Sonatype

Image of a sphere covered by code

Last week, Sonatype discovered a dubious package 'vapi-client-bindings' published to the PyPI open source repository. The discovery was made by Sonatype's automated malware detection bots.

Article Link: VMware VSphere dependency confusion attempt caught by Sonatype