This Week in Malware, highlights include malicious Python packages that not only exfiltrate your secrets—AWS credentials and environment variables but rather upload these to a publicly exposed endpoint. Also stated below are some more dependency confusion packages caught by us.
Article Link: This Week in Malware—show me your secrets!