T1059.006 8

• PyPI Package Impersonates SymPy to Deliver Cryptomining Malware Jan 21, 2026
• Surveillance Malware Hidden in npm and PyPI Packages Targets Developers with Keyloggers, Webcam Capture, and Credential Theft Jul 23, 2025
• Monkey-Patched PyPI Packages Use Transitive Dependencies to Steal Solana Private Keys May 29, 2025
• The Bad Seeds: Malicious npm and PyPI Packages Pose as Developer Tools to Steal Wallet Credentials Apr 22, 2025
• Malicious PyPI Package Exploits Deezer API for Coordinated Music Piracy Feb 25, 2025
• North Korean APT Lazarus Targets Developers with Malicious npm Package Jan 29, 2025
• Noxia: Emerging Dark Web Hosting Provider Targets Python, Node.js, Go, and Rust Ecosystems Oct 23, 2024
• Typosquatting on PyPI: Malicious Package Mimics Popular 'browser-cookie3' Library to Steal Sensitive Data Oct 11, 2024