the malicious package was added to PyPi last year in June and has been downloaded 885 times so far.

That’s a pretty long time to go undetected. Makes you wonder how many other similar packages there currently are, yet to be discovered, in PyPi, npm and others.