A software security engineer has identified 12 Python libraries uploaded on the official Python Package Index (PyPI) that contained malicious code.

Multiple open source software packages on the Python Package Index (PyPI) repository were found to be malicious, likely compromising thousands of devices, experts have warned.

A malicious package named 'pycord-self' on the Python package index (PyPI) targets Discord developers to steal authentication tokens and plant a backdoor for remote control over the system.

The PyPI package flood is just the latest in a string of attacks on public repositories with the intent to plant malicious code.