Cybersecurity researchers have discovered a malicious package on the Python Package Index (PyPI) repository that targets Apple macOS systems with the goal of stealing users’ Google Cloud credentials from a narrow pool of victims.
The package, named « lr-utils-lib, » attracted a total of 59 downloads before it was taken down. It was uploaded to the registry in early June 2024.
« The malware uses a
