It is scary. Here they caught the culprit quickly, but if they've been careful, I think they would be able to stay under the radar and still infect a fair few systems.<p>As a person who regularly runs pip install on my main desktop, I am definitely worried about arbitrary code execution that happens when you pip install.
Sure I can run everything inside the container, but given that I do most of my work in python, I think that is too restrictive...
This one gained more traction: <a href="https://news.ycombinator.com/item?id=39856756">https://news.ycombinator.com/item?id=39856756</a>
run littlesnitch or something similar to notice and prevent egress attempts. for now it seems the only effective defense.<p>hopefully somebody builds a disk snitch. would love to buy that.