Dark Reading

Novel PyPI Malware Uses Compiled Python Bytecode to Evade Detection

In a new twist on software supply chain attacks, researchers have discovered a Python package hiding malware inside of compiled code, allowing it to evade ordinary detection measures. On April 17, ...
Dark Reading

'Blatantly Obvious': Spyware Offered to Cyberattackers via PyPI Python Repository

Researchers have discovered malware peddlers advertising an info-stealer out in the open on the Python Package Index (PyPI) — the official, public repository for the Python programming language — with ...
Bleeping Computer

PyPI mandates 2FA for critical projects, developer pushes back

On Friday, the Python Package Index (PyPI), the official repository of third-party open-source Python projects announced plans to mandate two-factor authentication requirement for maintainers of ...