#pypi

[ follow ]
fromThe Hacker News
2 weeks ago

PyPI Blocks 1,800 Expired-Domain Emails to Prevent Account Takeovers and Supply Chain Attacks

These changes improve PyPI's overall account security posture, making it harder for attackers to exploit expired domain names to gain unauthorized access to accounts.
Python
fromArs Technica
1 month ago

Supply-chain attacks on open source software are getting out of hand

Malicious packages published on npm and PyPI had been downloaded more than 56,000 times, containing malware that enabled keylogging and other surveillance functionalities.
Privacy technologies
Python
fromRealpython
1 month ago

Episode #258: Supporting the Python Package Index - The Real Python Podcast

Supporting over 650,000 projects on the Python Package Index involves tackling user issues and enhancing community engagement through varied support roles.
Growth hacking
fromThe Hacker News
3 months ago

Malicious PyPI Packages Exploit Instagram and TikTok APIs to Validate User Accounts

Malicious packages on PyPI were designed to validate stolen emails against TikTok and Instagram, enabling potential cyber attacks.
[ Load more ]