Malicious Package on PyPI Targets MEXC Crypto Exchange Users

A malicious package has been uploaded to the Python Package Index (PyPI) repository, designed to redirect trading orders placed on the MEXC cryptocurrency exchange platform to a malicious server and steal tokens. This package, named ccxt-mexc-futures, presents itself as an extension of the popular ccxt (CryptoCurrency eXchange Trading) library. Cybersecurity researchers have uncovered this threat, which specifically targets users of the MEXC trading API.