Everything there is to find on tag: PyPI.
Malicious Python package poses new supply chain threat
The open-source package elementary-data, with over a million downloads per month, has been compromised. Attac...
Tag: PyPI
Timeline
Sophisticated social engineering campaign targets Python community
Researchers from cybersecurity firm Checkmarx have uncovered a malware campaign in which attackers targeted t...
Temporarily no new users welcome on PyPi due to malware
The Python repository felt compelled to intervene after packages were uploaded that executed malicious code o...
New malicious packages found in Python Package Index repository
A threat actor has uploaded three malicious packages to the PyPI (Python Package Index) repository. The pack...
Researchers find malicious info-stealing packages in PyPI
Security firm Phylum discovered six malicious packages on the Python Package Index (PyPI). The packages insta...
Researchers find dozens of PyPi packages pushing malware
Researchers at software supply chain security firm Phylum have discovered over two dozen Python packages...
PyPI packages under attack after phishers target developers
Developers and maintainers of PyPI are under attack by digital scammers through email phishing. Several Py...
Python PyPi is going to cost money
Python Software Foundation is working on a paid version of PyPi, the official Python package repository. The ...
17 malicious packages found in Node.js Package Manager (NPM)
Another 17 malicious packages have been discovered in an open-source repository by researchers. In recent tim...
Sophisticated malware from PyPI was downloaded more than 41,000 times
PyPI, the open-source repository used by both large and small organizations to download code libraries, was h...