Malicious PyPI Packages Target Bitcoin Users and Payment Systems with Data-Stealing Code

Security researchers discovered three malicious Python packages on PyPI that were downloaded over 39,000 times, designed to steal sensitive data and validate stolen credit cards. The packages masqueraded as Bitcoin library fixes while containing code to steal database files and test stolen payment information.