ActiveState, the dynamic language experts offering solutions for Perl, Python, and Tcl, has launched its Python Package Manager Index (PyPM Index) to give developers a more complete picture of ...

A security firm found three malicious Python libraries uploaded on the official Python Package Index (PyPI) that contained a hidden backdoor which would activate when the libraries were installed ...

PyPI unverified 1,800 emails since June 2025 to block expired-domain attacks, strengthening open-source supply chain security.

When a Python package is installed by a developer, PIP – Python’s package manager – tries to collect and process the metadata of the package, such as its version and the dependencies it ...

The Python Package Index (PyPI) is putting a stop to so-called “domain resurrection attacks” that have been observed in the ...

You're wondering what tools are out there or what you're missing. There are thousands, but if you're new to the subject, it's ...

The package targets users of the cloud-based, chimera-sandbox environment, in an attempt to cast a wider net and steal high-value corporate-level credentials.

Take advantage of BeeWare Briefcase to make Python programs that are a snap to deploy and easy to redistribute ...

10 malicious Python packages exposed in latest repository attack Supply-chain attacks are moving GitHub toward digitally signed packages.

Have you ever wished you could edit Python packages installed locally without reinstalling them? Editable installs are the way.