PyPI Preventing Domain Resurrection Attacks
PyPI now checks for expired domains to prevent domain resurrection attacks, a type of supply-chain attack where someone buys an expired domain and uses it to take over PyPI accounts through password resets.
Since early June 2025, PyPI has unverified over 1,800 email addresses when their associated domains entered expiration phases. This isn't a perfect solution, but it closes off a significant attack vector where the majority of interactions would appear completely legitimate. Thanks to our friends at Domainr (a Fastly service), we can use their Status API to issue periodic queries for any given domain, and act on the response.
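The decision step described above (periodically fetch a domain's status, and mark an account email unverified once the domain enters an expiration phase), as an added example that is not PyPI's or Domainr's code. The status vocabulary, the dictionary standing in for API responses, and all sample addresses are assumptions constructed for the example.

```python
"""Mark account emails unverified when their domain enters an expiration phase.

Added illustration, not PyPI's implementation. `status_lookup` stands in for
the per-domain result of a status API call; its words are an assumed vocabulary.
"""

# Assumed status words that indicate a domain is lapsing or has lapsed.
EXPIRATION_STATUSES = frozenset({"expiring", "deleting", "undelegated", "inactive"})


def email_domain(address: str) -> str:
    """Return the lower-cased, IDNA (ASCII) domain part of an email address."""
    local, sep, domain = address.rpartition("@")
    if not sep or not local or not domain.strip():
        raise ValueError(f"malformed address: {address!r}")
    # Normalise so 'Bücher.example' and 'xn--bcher-kva.example' compare equal.
    return domain.strip().rstrip(".").encode("idna").decode("ascii").lower()


def is_expiration_phase(status_field: str) -> bool:
    """The status field is treated as a space-separated list of status words."""
    return bool(EXPIRATION_STATUSES & set(status_field.split()))


def emails_to_unverify(verified_emails, status_lookup):
    """Return the verified emails whose domain status indicates expiration.

    Domains with no status (lookup failure) are left alone: an outage must
    never silently downgrade verification for every account.
    """
    by_domain = {}
    for email in verified_emails:
        by_domain.setdefault(email_domain(email), []).append(email)
    flagged = []
    for domain, emails in by_domain.items():
        status = status_lookup.get(domain)
        if status is not None and is_expiration_phase(status):
            flagged.extend(emails)
    return sorted(flagged)


# Constructed sample data (not real accounts or real query results).
SAMPLE_STATUS = {
    "example.com": "active",
    "lapsed-maintainer.example": "undelegated expiring",
    "xn--bcher-kva.example": "inactive",
}
SAMPLE_EMAILS = [
    "alice@example.com",
    "bob@lapsed-maintainer.example",
    "Carol@Bücher.example",
    "dave@unknown-status.example",
]

if __name__ == "__main__":
    print(emails_to_unverify(SAMPLE_EMAILS, SAMPLE_STATUS))
```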