New Malicious PyPI Packages used by Lazarus
ID: b9491312-6e87-54be-ae1b-1a050eecd93a
STIX ID: report--b9491312-6e87-54be-ae1b-1a050eecd93a
Feed Name: JPCERT Blog
JPCERT/CC confirms that the Lazarus APT published multiple malicious Python packages on PyPI (pycryptoenv, pycryptoconf, quasarlib, swapmempool), using typosquatting to distribute the Comebacker malware. The packages contain XOR-encoded DLLs that are decoded and executed via rundll32, and the malware communicates with its C2 using POST requests. The C2 domains and IPs, file hashes, and PDBs are provided as IOCs for detection and response.
