A malware campaign is currently underway targeting popular Python packages by typosquatting. Once deployed the malware replaces crypto wallet addresses stored in the clipboard with a wallet controlled by the attacker. Phylum has discovered over 450 malicious packages in the wild mostly targeting crypto, finance, and web development packages.
More information on affected packages and detailed writeup here!