marcador package versions 0.1 through 0.13 in PyPI included a code-execution backdoor.
The application contains code that appears to be malicious in nature.