Malicious Python Package Available in PyPI Repo for a Year

By GIXnews

Two malicious versions of two Python packages were introduced in the Python Package Index (PyPI) with the purpose of stealing SSH and GPG keys from Python developers’ projects. […]

Source:: BleepingComputer