that uses malware hosted on the Python repository PyPI to search for files on the victim's device and exfiltrate them to a Telegram bot. The malicious packages, all of which now seem to have been ...