Yesterday, Phylum's automated risk detection platform discovered that the PyPI package aiocpa was updated to include malicious code that steals private keys by exfiltrating them through Telegram when users initialize the crypto library. While the attacker published this malicious update to PyPI, they deliberately kept the package's GitHub repository clean
In the takedown announced on Wednesday, Europol said it investigated 102 suspects and arrested 11 of them on accusations they were distributing content from streaming services illegally.
