The administrators of the Python Package Index (PyPI) repository have quarantined the package “aiocpa” following a new update that included malicious code to exfiltrate private keys via Telegram.The package in question is described as a synchronous and asynchronous Crypto Pay API client. The package, originally released in September 2024, has been downloaded 12,100 times to date.By putting the
First seen on thehackernews.com
Jump to article: thehackernews.com/2024/11/pypi-python-library-aiocpa-found.html
