Malicious PyPI Packages Target Crypto Wallet Recovery Passwords in BIPClip Campaign
The malicious packages used name squatting, disguised dependencies, and legitimate-looking code to steal mnemonic phrases, evading detection and targeting crypto assets without broader system compromise.