Not for the first time, typosquatting malware made its way into an open source code repository.

Snakes in the grass! Malicious code slithers into Python PyPI repository
https://sophosnews.files.wordpress.com/2018/10/shutterstock_1065446786-compressor.jpg?w=170&h=90&crop=1