On Friday, the Python Package Index (PyPI), the official repository for third-party open source Python projects, announced plans to mandate two-factor authentication requirements for maintainers of “critical” projects. Although manyRead More →
The Python Package Index (PyPI) registry removed several Python packages this week that aimed to steal users’ credit card numbers, Discord tokens, and provide code execution capabilities to threat actors.Read More →
A Sophos security report details the finding of at least 4,000 fake libraries in the PyPI repository, all uploaded by a user identified as Remind Supply Chain Risks, These librariesRead More →