PyPI or the Python Package Index is giving away 4,000 Google Titan security keys as part of its move to mandatory two-factor authentication (2FA) for critical projects built in the Python ...

Python-Based Malware Slithers Into Systems via Legit VS Code The prolific Chinese APT Mustang Panda is the likely culprit behind a sophisticated cyber-espionage attack that sets up persistent ...

Several harmful Python .whl files containing a new type of malware called “Kekw” have been discovered on PyPI (Python Package Index). According to new data by Cyble Research and Intelligence Labs ...

Someone has been slipping infostealers into Python code repositories since April 2023, stealing people’s sensitive information, login credentials, and cryptocurrency. A report from cybersecurity ...

PyPI malware termncolor and colorinal downloaded 884 times exploit DLL side-loading, persistence, and C2 communication.

Security firm Checkmarx found that one in three software packages from PyPI contains a flaw that can lead to malicious code being automatically installed. Many software packages from the Python ...

The campaign has been monitored since early April by analysts at Checkmarx's Supply Chain Security team, who discovered 272 packages with code for stealing sensitive data from targeted systems.

Nearly half (45%) of AI-generated code contains security flaws despite appearing production-ready, new research from Veracode ...

Veracode today unveiled its 2025 GenAI Code Security Report, revealing that AI-generated code introduces security vulnerabilities in 45% of cases.

Offensive Security Using Python is your go-to manual for mastering the quick-paced field of offensive security. Claim it until May 21 for free.