Malicious Python package “disgrasya” on PyPI automates credit card fraud targeting WooCommerce sites. It mimics legitimate user behavior to bypass fraud detection, exfiltrating card data to attackers. With 34,000 downloads before removal, it highlights evolving cyber threats in e-commerce. Merchants are urged to enhance security against similar attacks.
https://gbhackers.com/malicious-pypi-package-targets-e-commerce-sites/