ReversingLabs identified three new malicious Python packages on PyPI, which are linked to a previously discovered VMConnect campaign. Analysis of the packages reveals similarities to previous supply chain attacks attributed to the Lazarus Group. To protect against such threats, organizations must invest in training and awareness against typosquatting and other impersonation attacks and bolster their defenses.