ReversingLabs researchers discovered two malicious Python packages on PyPI that employed DLL sideloading to execute malicious payloads. Further investigation revealed connections to a larger campaign abusing open-source infrastructure.