Update 25/06/2025: After the publication of our blog, JFrog was contacted by a security team and was informed that the PyPI package was published as part of an internal security audit – “The PyPI package was not created with malicious intent and users were not targeted by unknown threat actors, the purpose of this simulation …