Malicious Go Binary Delivered via Steganography in PyPI
The malicious package, called “requests-darwin-lite”, was a fork of the popular “requests” Python package. The attacker used the cmdclass feature in the setup.py file to customize the package installation process.