Malicious PyPI Package Deploys XMRig Minertt
A freshly discovered strongmalicious PyPI package strong is impersonating SymPy, the go-to library for symbolic math in Python. This sneaky upload deceives developers into installing it, unleashing an XMRig cryptocurrency miner on Linux machines. Dubbed sympy dev and uploaded January 17, 2026, it has snagged over 1,100 downloads in days. Such strong malicious PyPI tactics…