Malicious Cryptominers Target Software Repositories to Burn a Hole in Your Wallet Sonatype researchers have recently discovered malicious packages in PyPI, a software code repository, that turns developers’ workstations into cryptomining machines. Source: cyware.com