The JFrog security research team has uncovered a sophisticated, malicious PyPI package, hermes-px, that leverages multiple layers of deception to steal user data. Marketed as a “Secure AI Inference Proxy” that routes OpenAI-compatible requests through the Tor network to guarantee anonymity, the package is a highly elaborate trap. In reality, Hermes-px hijacks a private university’s […] The post Trojanized PyPI AI Proxy Steals Data With Stolen Claude Prompt appeared first on Cyber Security News.