News

A pernicious potpourri of Python packages in PyPI. The past year has seen over 10,000 downloads of malicious packages hosted on the official Python package repository ...
The Python Software Foundation warned users this week that threat actors are trying to steal their credentials in phishing attacks using a fake Python Package Index (PyPI) website.
Two malicious packages are targeting Bitcoin developers, and another hitting WooCommerce stores.
Python virtual environments shine for keeping projects and conflicting packages separate. Just keep these dos and don’ts in mind.
Multiple malicious Python packages leaking sensitive user information have been uncovered by security experts. In a blog post, Sonatype security researcher Ax Sharma says the packages: loglib ...
What are Python virtual environments? A virtual environment is a way to have multiple, parallel instances of the Python interpreter, each with different sets of packages and different configurations.
German software company PVRadar Labs has released a Python programming package for solar asset owners and engineers that want to build site-specific models.
A recently spotted supply chain attack abused an old but legitimate Python package to deliver a malicious payload. Read more on how the attacker managed to do it and how to protect yourself from it.