TechRadar

PyPI stops signing up new users to try and block malware campaign

Python Package Index (PyPI), the largest repository of Python packages, has once again been forced to suspend new account and new project registrations. Cybersecurity experts from both Checkmarx and ...
Bleeping Computer

PyPI suspends new user registration to block malware campaign

The Python Package Index (PyPI) has temporarily suspended user registration and the creation of new projects to deal with an ongoing malware campaign. PyPI is an index for Python projects that helps ...
ZDNet

Developers, watch your code: Official Python repository spread malicious projects

PyPI is the official Python Package Index that currently contains 500,972 projects, 5,228,535 million releases, 9,950,103 million files, and 770,841 users. PyPI helps users locate and install software ...
Bleeping Computer

PyPI urges users to reset credentials after new phishing attacks

The Python Software Foundation has warned victims of a new wave of phishing attacks using a fake Python Package Index (PyPI) website to reset credentials. Accessible at pypi.org, PyPI is the default ...
Dark Reading

'Hades' Campaign Against PyPI Puts New Spin on Shai-Hulud

Threat actors have struck the software supply chain yet again, this time hitting the Python Package Index (PyPI) with Mini Shai-Hulud in an attempt to spread poisoned code. In the latest campaign, ...
InfoWorld

PyPI parser eases path to browsing Python package APIs

A new project from Read the Docs aims to automatically generate API documentation from code uploaded to the Python Package Index Read the Docs, a popular community-supported service for creating ...
Ars Technica

Devs unknowingly use “malicious” modules snuck into official Python repository

The official repository for the widely used Python programming language has been tainted with modified code packages, a computer security authority in Slovakia warned. The authority also said the ...