<ul><li>Multiple open source software packages on the Python Package Index (PyPI) repository were found to be malicious, likely compromising thousands of devices.</li><li>Two malicious PyPI packages named 'bitcoinlibdbfix' and 'bitcoinlib-dev' were discovered, targeting bitcoin developers and claiming to be a fix for the 'bitcoinlib' module.</li><li>Another malicious package discovered, named 'disgrasya', specifically targets WooCommerce stores and functions as an automated carding script.</li><li>All three malicious packages have been removed from the PyPI repository.</li></ul>

Malicious Python packages are stealing vital data, and have been downloaded thousands of times already

Discover more