Researchers Uncover Malicious Python Library on PyPI Enabling Unauthorized Music Downloads

Cybersecurity researchers have reported a malicious Python library on the Python Package Index (PyPI) repository that enables unauthorized downloads of music from the streaming service Deezer. The package in question, automslc, has been downloaded more than 104,000 times since its publication in May 2019 and remains available on PyPI at the time of writing. This package facilitates the illegal downloading of music, which constitutes a violation of copyright and Deezer's terms of service.