Actors behind PyPI supply chain attack have been active since late 2021
Researchers from SentinelOne and Checkmarx said that the supply chain attacks were part of a larger campaign by a group that has been active since at least late last year to spread credential-stealing malware the researchers are dubbing JuiceStealer.