Preventing Domain Resurrection Attacks
Summary PyPI now checks for expired domains to prevent domain resurrection attacks,a type of supply-chain attack where someone buys an expired domainand uses it to take over PyPI accounts through password resets. These changes improve PyPI’s overall account security posture,making it harder for attackers to exploit expired domain namesto gainContinue Reading