The malware packages had names that were common typosquats of a legitimate widely used Python library. One was downloaded hundreds of times.

from Dark Reading https://ift.tt/XP4u5lg
via IFTTT