Wednesday, 09 July 2025

Malicious Python packages hijacked Discord app tokens

Administrators of the Python Package Index (PyPI) have removed 11 packages from the index for malicious behaviour, including harvesting user data and passwords, stealing Discord access tokens, and installing remote shells on affected systems.

Two of the eleven packages also used a relatively new technique called dependency confusion. Here the attacker publishes, on the public index, packages whose names match those of internal packages that exist only on a company's private index. If the build tooling consults both indexes and prefers the highest available version, the attacker's public package (uploaded with an inflated version number) is pulled in instead of the internal one.
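The resolution behaviour behind dependency confusion, as an added offline simulation (not code from the article or from any of the removed packages). It models pip's rule that with `--extra-index-url` every configured index contributes to one candidate pool and the highest version wins, contrasts that with a private-index-only configuration, and includes a small audit helper. The index contents and the package name `acme-billing` are constructed sample data.

```python
"""Dependency confusion, simulated offline.

Added illustration, not code from the article or from the removed packages.
Models how pip picks a version when more than one index is configured: with
`--extra-index-url`, all indexes form one candidate pool and the highest
matching version wins, so a public package that reuses an internal name wins
whenever its version is higher. Index contents below are constructed sample
data; `acme-billing` is a hypothetical internal package name.
"""
from dataclasses import dataclass
from typing import Dict, List, Optional


@dataclass(frozen=True)
class Candidate:
    name: str
    version: str
    index: str  # "private" or "pypi"


def parse_version(version: str) -> tuple:
    """Compare dotted numeric versions as integer tuples (no pre-release handling)."""
    return tuple(int(part) for part in version.split("."))


# Constructed sample indexes. The private index carries the real internal
# package; PyPI carries an attacker-uploaded package with the same name and a
# deliberately huge version number, the classic dependency-confusion bait.
PRIVATE_INDEX: Dict[str, List[str]] = {"acme-billing": ["1.3.0", "1.4.0"]}
PUBLIC_INDEX: Dict[str, List[str]] = {"acme-billing": ["99.0.0"], "requests": ["2.31.0"]}


def candidates(name: str, indexes: Dict[str, Dict[str, List[str]]]) -> List[Candidate]:
    """Collect every version of `name` from each configured index."""
    found = []
    for index_name, contents in indexes.items():
        for version in contents.get(name, []):
            found.append(Candidate(name, version, index_name))
    return found


def best(cands: List[Candidate]) -> Optional[Candidate]:
    """pip's choice among candidates: the highest version, regardless of index."""
    return max(cands, key=lambda c: parse_version(c.version), default=None)


def resolve_with_extra_index(name: str) -> Optional[Candidate]:
    """Weak setup: `pip install --extra-index-url https://private/simple name`.
    Private and public candidates are merged, so the bait wins."""
    return best(candidates(name, {"private": PRIVATE_INDEX, "pypi": PUBLIC_INDEX}))


def resolve_private_only(name: str) -> Optional[Candidate]:
    """Hardened setup: `pip install --index-url https://private/simple name`
    with no extra index. Only the private index is consulted, so in practice
    that index must also proxy the public packages the build needs."""
    return best(candidates(name, {"private": PRIVATE_INDEX}))


def shadowed_internal_names(private: Dict[str, List[str]], public: Dict[str, List[str]]) -> List[str]:
    """Audit helper: internal package names that also exist on the public index.
    Any hit is either a name collision to investigate or an active attack."""
    return sorted(name for name in private if name in public)


if __name__ == "__main__":
    print("extra-index:", resolve_with_extra_index("acme-billing"))
    print("private-only:", resolve_private_only("acme-billing"))
    print("shadowed:", shadowed_internal_names(PRIVATE_INDEX, PUBLIC_INDEX))
```

In a real audit the public side of `shadowed_internal_names` would be checked against PyPI itself (for example its JSON endpoint at `https://pypi.org/pypi/<name>/json`), and the private-only configuration is usually combined with hash-pinned requirements (`pip install --require-hashes -r requirements.txt`) so that an unexpected substitute fails to install even if a name does leak.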

Source: securitylab.ru

23 November 2021
