Researchers have identified a new variant of the KEKW malware family that was found in a Python package distribution site called PyPI. The new variant is being referred to as "py_kekw" and is believed to be a malicious attempt to infect users' machines with malicious code.

The malware was discovered when researchers were scanning the PyPI database for malicious packages. Upon further investigation, they discovered that the malicious code was found in a package called "django-xadmin". The malicious code was disguised as a legitimate Python package and was used to download and execute malicious code when users installed the package.

The code was found to be a variant of the KEKW malware family, which is known for its ability to exfiltrate sensitive data and allow attackers to gain access to user systems. The code also had the ability to install additional malicious payloads on the user's machine.

The researchers believe that the malicious code was uploaded to the PyPI repository in an attempt to spread the malware to unsuspecting users. Fortunately, the malicious package was quickly removed after the researchers alerted the PyPI team.

The discovery of this new variant of the KEKW malware family is a reminder that users should always be vigilant when downloading packages from untrusted sources. It is important to always scan any packages for malicious code before installing them. Additionally, users should always ensure that their antivirus software is up to date and that they are using strong passwords to protect their accounts.