A new package mimicked the popular 'requests' library on the Python Package Index (PyPI) to target macOS devices with the Sliver C2 adversary framework, used for gaining initial access to corporate networks. Discovered by Phylum, the campaign involves several steps and obfuscation layers, including using steganography in a PNG image file to covertly install the Sliver payload on the target. As of writing this, the malicious PyPI package has been removed, but its discovery is another sign of Sliv...