The Python Software Foundation warned users this week that threat actors are trying to steal their credentials in phishing attacks using a fake Python Package Index (PyPI) website.

Security firm Checkmarx found that one in three software packages from PyPI contains a flaw that can lead to malicious code being automatically installed. Many software packages from the Python ...

Multiple open source software packages on the Python Package Index (PyPI) repository were found to be malicious, likely compromising thousands of devices, experts have warned.

Two malicious packages are targeting Bitcoin developers, and another hitting WooCommerce stores.

To uninstall the Python package using PIP, you can run pip uninstall package_name, but it depends on whether you want to remove single package or all packages.

Malicious Python packages found exfiltrating user data to Telegram bot Appears to be part of a wider operation by crime gang based in Iraq, say Checkmarx researchers ...

Take advantage of BeeWare Briefcase to make Python programs that are a snap to deploy and easy to redistribute ...

A software security engineer has identified 12 Python libraries uploaded on the official Python Package Index (PyPI) that contained malicious code.

Have you ever wished you could edit Python packages installed locally without reinstalling them? Editable installs are the way.

A recently spotted supply chain attack abused an old but legitimate Python package to deliver a malicious payload. Read more on how the attacker managed to do it and how to protect yourself from it.