Researchers have discovered malicious DeepSeek-impersonating packages ("deepseekai" and "deepseeek") on PyPI, loaded with infostealers targeting developers, ML engineers, and AI enthusiasts. These packages, designed to steal API keys, database credentials, and permissions, were downloaded 222 times before deletion. The attack, a typosquatting scheme, highlights the risks of unverified open-source dependencies. Experts warn that similar threats likely exist on other platforms and urge developers to use SCA tools, vulnerability scanners, and dependency monitoring to prevent such attacks. Additionally, AI-assisted malicious code development is expected to rise, increasing cybersecurity risks in software supply chains.