ReversingLabs has published an advisory to share details of a malicious package discovered in the PyPI (Python Package Index) while performing a routine inspection of open-source repositories. Researchers Lucija Valentic and Karlo Zanki noted that the malicious package, dubbed Aabquerys, was discovered in the open-source JavaScript NPM repository and can download second and third-stage malware payloads onto infected systems.
Read full article on HackRead