For the second time since March, a cybersecurity firm has discovered troubling malware software packages uploaded to the Python Package Index platform.

A new malicious campaign has been found on the Python Package Index (PyPI) open-source repository involving 24 malicious packages that closely imitate three popular open-source tools: vConnector, ...

The past year has seen over 10,000 downloads of malicious packages hosted on the official Python package repository, ESET research finds.

Over the weekend an attacker has been uploading thousands of malicious Python packages on the public PyPI (Python Package Index) software repository.

Hackers are once again targeting Python developers involved in the blockchain industry in an attempt to distribute malware and steal tokens. A new report from cybersecurity researchers at ...

Python devs targeted with dangerous phishing attacks - here's how to stay safe More popular npm packages hijacked to spread malware Stealing browser data ...

Although there is nothing special about code executing on a machine, when this code is executed is a significant detail from a security standpoint.

More than 400 malicious packages were recently uploaded to PyPI (Python Package Index), the official code repository for the Python programming language, in the latest indication that the ...

On Friday, the Python Package Index (PyPI), repository of open source Python projects announced plans to rollout two factor authentication for maintainers of "critical" projects. Although many ...

Devs unknowingly use “malicious” modules snuck into official Python repository Code packages available in PyPI contained modified installation scripts.