Targeting open-source developers
https://www.bleepingcomputer.com/news/security/hackers-bombard-pypi-platform-with-information-stealing-malware/
The PyPi python package repository is being bombarded by a wave of information-stealing malware hiding inside malicious packages uploaded to the platform to steal software developers' data.
The malware dropped in this campaign is a clone of the open-source W4SP Stealer, responsible for a previous widespread malware infection on PyPI in November 2022.