Techly NewsGet the app

Get the latest tech news

PyPI Prohibits inbox.ru email domain registrations


We have prohibited new registrations of accounts using inbox.ru email domains.

The campaign created over 250 new user accounts, publishing over 1,500 new projects on PyPI, leading to end-user confusion, abuse of resources, and potential security issues. This pattern seems to be consistent with setting up a large number of accounts, confirming access, and then executing a large-scale "attack". PyPI Admins were alerted to this condition initially on 2025-07-08 from a user telling us that they were working with a Large Language Model (Sonnet 4) recommending installing a project that did not exist - aka"slopsquatting".

Get the Android app

Or read this on Hacker News

Read more on:

Photo of PyPI Prohibits

PyPI Prohibits

« VMware Reboots Its Partner Program Again
Just a ‘FRED’ Security FAIL — Ignored by US Rail for 20 YEARS moment... »