Any Python people here?
https://www.zdnet.com/article/two-malicious-python-libraries-removed-from-pypi/
python3-dateutil
jeIlyfish
Quote
The two malicious clones were discovered on Sunday, December 1, by German software developer Lukas Martini. Both libraries were removed on the same day after Martini notified dateutil developers and the PyPI security team.
While the python3-dateutil was created and uploaded on PyPI two days before, on November 29, the jeIlyfish library had been available for nearly a year, since December 11, 2018.
Machine-raiding Python libraries squashed by community – Naked Security
https://nakedsecurity.sophos.com/2019/12/05/machine-raiding-python-libraries-squashed-by-community/