Cybersecurity investigators have identified a harmful package in the Python Package Index (PyPI) repository that pretends to be an innocuous Discord-related tool but contains a remote access trojan.
The package involved is discordpydebug, which was submitted to PyPI on March 21, 2022. It has been downloaded 11,574 times and remains accessible on the open-source registry.