Here is a reflection of Cycle Seven and an overview of the current; Cycle Eight. Providing insight into our product roadmap…
The yearly Open Collective retreat shuffled our schedules around a bit:We used the two weeks before the retreat to tie…
The Python Package Index is introducing new restrictions to protectPython package installers and inspectors from confusion attacks arisingfrom ZIP parser…
Incident Report: Phishing AttackOver the past few days, a phishing attack targeting PyPI users via email was uncovered.Our initial report…
A follow-up to the previous post.We have since learned that the campaign was orchestratedby the company that owns the inbox.ru…
Read the follow-up post: Phishing Attack Follow-Up(Ongoing, preliminary report)PyPI has not been hacked, but users are being targeted by a…
A recent spam campaign against PyPI has prompted an administrative action,preventing using the inbox.ru email domain.This includes new registrations as…
On April 14, 2025 security@pypi.org was notified of a potential security concernrelating to privileges granted to a PyPI User via…
We're introducing a newTerms of Serviceto formalize our relationship to usersand enable us to move forward with providing new features…
Support for marking projects as archived has landed on PyPI. Maintainers can nowarchive a project to let users know that…
This website uses cookies.