Pythonコミュニティは5月25日(現地時間)、「Securing PyPI accounts via Two-Factor Authentication - The Python Package Index」において、2023年末までにPyPI (Python Package Index)でプロジェクトや組織を管理しているすべてのユーザーに対し、2023年末までに二要素認証(2FA: ...

PythonパッケージのアップロードプラットフォームであるPython Package Index(PyPI)を運営するPython Software Foundation(PSF)が、2023年3月から4月にかけて、アメリカ司法省からユーザーデータを要求する召喚状を3回発行されたことを明らかにしました。PSFはこの召喚状に ...

Check Point Software Technologiesは6月16日(米国時間)、「PyPI Suspends New Registrations After Malicious Python Script Attack」において、PyPI (Python Package ...

Fortinetは1月14日(米国時間)、「Supply Chain Attack Using Identical PyPI Packages, “colorslib”, “httpslib”, and “libhttps”｜FortiGuard Labs」において、PyPI (Python Package ...

On Friday, the Python Package Index (PyPI), the official repository of third-party open-source Python projects announced plans to mandate two-factor authentication requirement for maintainers of ...

In a new twist on software supply chain attacks, researchers have discovered a Python package hiding malware inside of compiled code, allowing it to evade ordinary detection measures. On April 17, ...

Multiple malicious Python packages available on the PyPI repository were caught stealing sensitive information like AWS credentials and transmitting it to publicly exposed endpoints accessible by ...

We were able to download nitrosdk-python from pypi.org, but today suddenly getting 404 instead. Last successful attempt was about 23 hours ago - at 2022/4/20 09:11 ...

Check if there are potential typosquatters on a package you care about. Check if there are potential typosquatters on the most downloaded PyPI packages. Check if packages newly added to PyPI are ...