Two malicious packages, Zebo-0.1.0 and Cometlogger-0.1, were identified by an AI-driven OSS malware detection system. These packages contain Python scripts designed for surveillance, data exfiltration, and unauthorized control. Zebo-0.1.0 uses obfuscation techniques, keylogging, screen capturing, and data exfiltration to a remote server. It also implements a persistence mechanism to ensure re-execution upon system startup. Cometlogger-0.1 exhibits webhook manipulation, information theft from various platforms, anti-VM detection, dynamic file modification, and persistence mechanisms. Both packages pose significant security risks, including credential leaks and sensitive information theft. The analysis highlights the importance of cybersecurity awareness and robust defensive measures against such malicious code.