Read news on PyPI with our app.
Read more in the app
Carding tool abusing WooCommerce API downloaded 34K times on PyPI
Python's PyPI Finally Gets Closer to Adding 'Organization Accounts' and SBOMs
Ethereum private key stealer on PyPI downloaded over 1,000 times
PyPi package with 100K installs pirated music from Deezer for years
DeepSeek AI tools impersonated by infostealer malware on PyPI
PyPI adds project archiving system to stop malicious updates
Malicious PyPi package steals Discord auth tokens from devs
Abusing Git branch names to compromise a PyPI package
Attestations: A new generation of signatures on PyPI
PyPI now supports digital attestations
Removing PGP from PyPI
Revival Hijack supply-chain attack threatens 22,000 PyPI packages
StackExchange abused to spread malicious PyPi packages as answers
Leaked admin access token to Python, PyPI, and PSF GitHub repos
An analysis of module names inside top PyPI packages
Cybercriminal Posed as 'Helpful' Stack Overflow User To Recommend Malware Hosted on PyPi
PyPi package backdoors Macs using the Sliver pen-testing suite
PyPI suspends new user registration to block malware campaign
Japan warns of malicious PyPi packages created by North Korean hackers
Three Packages Targeting Linux with Crypto Miners Found in Python's 'PyPi' Repository
