A new software supply chain attack is being exploited in the wild, according to security researchers. The technique targets Python applications distributed via the Python Package Index, or PyPI.

A software security engineer has identified 12 Python libraries uploaded on the official Python Package Index (PyPI) that contained malicious code. The 12 packages have been discovered in two separate ...

The scanners tasked with weeding out malicious contributions to packages distributed via the popular open source code repository Python Package Index (PyPI) create a significant number of false alerts ...

Do you have a Python application you want to give to the world, or at least your teammates? Here are six ways to package Python applications for distribution. Python’s explosive growth over the last ...

Old Python package comes back to life and delivers malicious payload Your email has been sent A recently spotted supply chain attack abused an old but legitimate Python package to deliver a malicious ...

According to cybersecurity firm Hacken, financial losses from crypto hacks topped $440 million in the third quarter of 2024. Researchers at the Checkmarx cybersecurity firm sounded the alarm on a ...

PyPI, a vital repository for open source developers, temporarily halted new project creation and new user registration following an onslaught of package uploads that executed malicious code on any ...