Attacker floods PyPI with 450+ malicious packages that drop Windows trojan via Dropbox


Sonatype has been tracking an open source malware campaign developing over the weekend in which a threat actor is infiltrating the PyPI software registry with hundreds of malicious packages. These packages are being rapidly removed by the PyPI admins as they come up, but the behavior continues well into today.
