Two malicious Python packages masquerading as tools for interacting with popular AI models ChatGPT and Claude were recently discovered on the Python Package Index (PyPI), the official repository for Python libraries. These packages reportedly remained undetected for over a year, silently compromising developer environments and exfiltrating sensitive data.

Source: GBHackers