PT-2024-40522 · PyPI · Exotel

Published: 2024-08-30 · Updated: 2024-08-30


No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
Name of the Vulnerable Software and Affected Versions: Exotel (affected versions not specified)
Description: The issue concerns a compromise of the Exotel project on PyPI through a phishing attack, leading to a malicious release that downloads and runs malware during installation. This affects environments where the malicious version of Exotel is installed, potentially exposing sensitive information through environment variables.
Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Related Identifiers

GHSA-X6XG-3FJ2-4PQ3

Affected Products

Exotel