This repository is a Github page used as a PyPi index, conform to PEP503. You can use it to group all your packages in one place, and access it easily through pip, almost like any other package ...
Python Package Index (PyPI) maintainers have temporarily suspended user sign-ups and package uploads due to an ongoing attack. This decision seems to be due to a recent surge of newly created rogue ...
PyPI, the Python Package Index, began evaluating ways to reduce the amount of identifying information that it stores even before the US Justice Department came asking for data on suspect users. But ...
GitGuardian is famous for its annual State of Secrets Sprawl report. In their 2023 report, they found over 10 million exposed passwords, API keys, and other credentials exposed in public GitHub ...
A new software supply chain attack is being exploited in the wild, according to security researchers. The technique targets Python applications distributed via the Python Package Index, or PyPI.
A limited number of usage scenarios is supported, including the PyPA guide example. See the non-goals for more detail. Trusted publishing cannot be used from within a reusable workflow at this time.
The Python Software Foundation warned users this week that threat actors are trying to steal their credentials in phishing attacks using a fake Python Package Index (PyPI) website. PyPI is a ...
A campaign active since last November has been targeting Python developers building Telegram bots with trojanized Pyrogram ...
The maintainers of the Python Package Index (PyPI) have warned of an ongoing phishing attack targeting users. “Today we received reports of a phishing campaign targeting PyPI users. This is the first ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results