Researchers at cybersecurity company Checkmarx have issued an alert to a dangerous malware uploaded to the Python Package Index (PyPI) that steals private keys. According to the company, the malware was automatically uploaded by suspicious users through several different packages, aiming to mimic the decoding applications of popular wallets such as MetaMask, Atomic, TronLink, Ronin, and other mainstream products in the industry. The malicious software is cleverly embedded into various parts of the software package. Due to the fact that these malicious software appear to be harmless code, they are basically undetectable. @seung631