PyPI malware found last month linked to Lazarus/DPRK: https://www.reversinglabs.com/blog/vmconnect-supply-chain-campaign-continues

DPRK hackers are known to use malicious libraries for their attacks, but have previously been linked to npm only: https://github.blog/2023-07-18-security-alert-social-engineering-campaign-targets-technology-industry-employees/