A malicious PyPi package named 'disgrasya', which exploits WooCommerce stores to validate stolen credit cards, has been downloaded over 34,000 times before its removal. The package automates the process of card validation by simulating a checkout flow, making it difficult for fraud detection systems to identify. Mitigation strategies include blocking low-value orders and implementing CAPTCHA steps during checkout.

A significant leak on a Russian forum has revealed sensitive information related to credit cards, with implications for users' financial security. The breach involves the exposure of personal data that could facilitate fraud and identity theft, raising concerns about cybersecurity measures in place.