A malicious PyPI bundle based mostly on the favored “requests” bundle was discovered to include a backdoor hidden in a PNG file, safety researchers revealed...