Security firm Checkmarx found that one in three software packages from PyPI contains a flaw that can lead to malicious code being automatically installed. Many software packages from the Python ...

Written in Rust, the PyApp utility wraps up Python programs into self-contained click-to-run executables. It might be the ...

Astral's uv utility simplifies and speeds up working with Python virtual environments. But it has some other superpowers, too: it lets you run Python packages and programs without having to ...

Hackers are once again targeting Python developers involved in the blockchain industry in an attempt to distribute malware and steal tokens. A new report from cybersecurity researchers at ...

Security researchers found two packages on PyPI, showing malicious intent The packages grant the attackers access to systems and sensitive data The researchers warn developers to exercise caution ...

Een jaarlijks onderzoek onder meer dan 30.000 ontwikkelaars, uitgevoerd door de Python Software Foundation en JetBrains, ...

PyPI malware termncolor and colorinal downloaded 884 times exploit DLL side-loading, persistence, and C2 communication.

Malicious Python packages found exfiltrating user data to Telegram bot Appears to be part of a wider operation by crime gang based in Iraq, say Checkmarx researchers ...

De Python Package Index (PyPI) controleert dagelijks op verlopen domeinnamen, gebruikt bij de accountregistratie door gebruikers, om zo te voorkomen dat aanvallers een verlopen domein registreren en d ...

The Python Package Index (PyPI) has introduced new protections against domain resurrection attacks that enable hijacking ...