hello,
I was quite insecure when reading this text:
https://www.bleepingcomputer.com/news/security/hundreds-of-malicious-python-packages-found-stealing-sensitive-data/
I installed anaconda on the computer I use at the company I work for, my fear is that I am putting my company at risk.
My question is: can the packages that are installed or updated by conda and conda-forge be compromised or do the packages available from these sources go through some validation process before being made available?