PyPI warns of phishing emails from noreply@pypj[.]org posing as "[PyPI] Email verification" to redirect users to fake package sites. PyPI…
North Korea-linked APT group Gleaming Pisces is distributing a new malware called PondRAT through tainted Python packages. Unit 42 researchers…
PyPI is going to enforce two-factor authentication (2FA) for all project maintainers by the end of this year over security…
The Python Package Index (PyPI) maintainers have temporarily disabled the sign up and package upload processes due to an ongoing…
Researchers discovered a malicious package on PyPI that uses Unicode to evade detection while stealing sensitive data. Supply chain security…
Experts discovered a fully featured information stealer, tracked as 'Colour-Blind' in the Python Package Index (PyPI). Researchers from Kroll's Cyber…
Researchers discovered three malicious packages that have been uploaded to the Python Package Index (PyPI) repository by Lolip0p group. FortiGuard…
Researchers spotted a malicious package in the Python Package Index (PyPI) repository that impersonates a software development kit (SDK) for…
Experts discovered a malicious package on the Python Package Index (PyPI) that uses steganographic to hide malware within image files.…
Cybersecurity researchers discovered 29 malicious PyPI packages delivering the W4SP stealer to developers' systems. Cybersecurity researchers have discovered 29 packages…
This website uses cookies.