A Python coding community is undergoing a software supply-chain attack, with threat actors targeting the 170,000-strong Top.gg GitHub organisation with malware.

Now Google is making a $350,000 donation to support some Python Software Foundation (PSF) projects that aim to improve the supply-chain security of the Python ecosystem.