Incident Report: Phishing AttackOver the past few days, a phishing attack targeting PyPI users via email was uncovered.Our initial report…
Read the follow-up post: Phishing Attack Follow-Up(Ongoing, preliminary report)PyPI has not been hacked, but users are being targeted by a…
A follow-up to the previous post.We have since learned that the campaign was orchestratedby the company that owns the inbox.ru…
A recent spam campaign against PyPI has prompted an administrative action,preventing using the inbox.ru email domain.This includes new registrations as…
On April 14, 2025 security@pypi.org was notified of a potential security concernrelating to privileges granted to a PyPI User via…
We're introducing a newTerms of Serviceto formalize our relationship to usersand enable us to move forward with providing new features…
Support for marking projects as archived has landed on PyPI. Maintainers can nowarchive a project to let users know that…
Earlier this year, I wrote briefly about new functionality added to PyPI, theability to quarantine projects.This feature allows PyPI administrators…
Last week, the Python project “ultralytics” suffered a supply-chain attack through a compromise of the projects’ GitHub Actions workflows and…
If you are looking to set up a WordPress blog, you need to choose the best WordPress hosting for your…
This website uses cookies.