I published a breakdown of several Python packages that can be repurposed for building surveillance/spyware-style tooling.
The write-up focuses on:

• which packages enable keylogging, screen capture, webcam access, browser data extraction, etc

• how attackers combine these packages for full-scope monitoring

• why these libraries are so easy to misuse

• practical mitigations for developers and defenders

No drama, no “hacking tutorial” garbage — just an audit-style analysis showing how legitimate packages become building blocks for malicious tooling.

Full post:
https://audits.blockhacks.io/audit/python-packages-to-create-spy-program

Would appreciate feedback from people who deal with Python malware, IR, or supply-chain issues.