JPCERT/CC Warns of Malicious PyPI Packages Created by North Korean Hackers
The malicious packages were disguised as legitimate Python packages, and although they have been removed from PyPI, they were downloaded over 3,000 times, compromising thousands of systems.