Name of the Vulnerable Software and Affected Versions spam (affected versions not specified)

Description The issue involves a compromise of a user account through a phishing attack, leading to the creation of a malicious release of the spam project on PyPI. This malicious release contains code that accesses environment variables and downloads and runs malware during the installation process.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.