
Malicious Python Packages Discovered on PyPI
Cybersecurity researchers have uncovered malicious libraries in the Python Package Index (PyPI) repository designed to steal sensitive information and test stolen credit card data. Two of the packages, bitcoinlibdbfix and bitcoinlib-dev, masquerade as fixes for recent issues detected in a legitimate Python module called bitcoinlib, according to ReversingLabs. A third package has also been identified. These packages have been downloaded more than 39,000 times, highlighting the potential impact of these attacks.