CSO Online

Modern supply-chain attacks and their real-world impact

Supply-chain attacks have evolved considerably in the las two years going from dependency confusion or stolen SSL among ...
Bleeping Computer

PyPI urges users to reset credentials after new phishing attacks

The Python Software Foundation has warned victims of a new wave of phishing attacks using a fake Python Package Index (PyPI) website to reset credentials. Accessible at pypi.org, PyPI is the default ...
Hosted on MSN

Python devs targeted with dangerous phishing attacks - here's how to stay safe

Developers who published projects on PyPI with their email in package metadata are being targeted They are asked to "verify" their email address with a fake PyPI platform The "verification" process ...

Python plan to boost software security foiled by Trump admin’s anti-DEI rules

The Python Software Foundation has rejected a $1.5 million government grant because of anti-DEI requirements imposed by the ...