Bleeping Computer

Malicious PyPI packages abuse Gmail, websockets to hijack systems

Seven malicious PyPi packages were found using Gmail's SMTP servers and WebSockets for data exfiltration and remote command execution. The packages were discovered by Socket's threat research team, ...