News
A malicious Python package named 'fabrice' has been present in the Python Package Index (PyPI) since 2021, stealing Amazon Web Services credentials from unsuspecting developers.
The Python Package Index (PyPI) registry has removed three malicious Python packages aimed at exfiltrating environment variables and dropping trojans on the infected machines. These malicious ...
Nir Cohen describes Wagon, which takes Python wheels, packages them together, adds metadata, and allows for offline extraction and installation.
PyApp seems to be taking the Python world by storm, providing long-awaited click-and-run Python distribution. For developers ...
Three malicious packages hosted in the Python Package Index (PyPI) code repository have been uncovered, which collectively have more than 12,000 downloads – and presumably slithered into ...
The PyPI package flood is just the latest in a string of attacks on public repositories with the intent to plant malicious code.
Hidden Risk PyPI is one of the most popular Python package repositories in the world, with millions of daily downloads and a half-million hosted packages.