News

The past year has seen over 10,000 downloads of malicious packages hosted on the official Python package repository, ESET research finds.
The Python Package Index (PyPI) has introduced new protections against domain resurrection attacks that enable hijacking ...
Want to automatically build, resolve dependencies and create your own custom runtime in minutes? @ActiveState adds 50,000 curated #Python package versions to the ActiveState Platform.
A new malicious campaign has been found on the Python Package Index (PyPI) open-source repository involving 24 malicious packages that closely imitate three popular open-source tools: vConnector, ...
Over the weekend an attacker has been uploading thousands of malicious Python packages on the public PyPI (Python Package Index) software repository.
On Friday, the Python Package Index (PyPI), the repository of open source Python projects, announced plans to roll out two-factor authentication for maintainers of "critical" projects. Although many ...
More than 400 malicious packages were recently uploaded to PyPI (Python Package Index), the official code repository for the Python programming language, in the latest indication that the ...
Devs unknowingly use “malicious” modules snuck into official Python repository. Code packages available in PyPI contained modified installation scripts.
Microsoft harvested data about Python compatibility for libraries currently registered with PyPI (Python Package Index), the default repository for third-party Python libraries.