Malware & Threats Malware Upload Attack Hits PyPI Repository Maintainers of the Python Package Index (PyPI) repository were forced to suspend new project creation and new user registration to mitigate a malware upload... Ryan NaraineMarch 28, 2024
Application Security PyPI Packages Found to Expose Thousands of Secrets GitGuardian discovered roughly 4,000 secrets in nearly 3,000 PyPI packages, including Azure, AWS, and GitHub keys. Ionut ArghireNovember 14, 2023
Identity & Access PyPI Enforcing 2FA for All Project Maintainers to Boost Security PyPI will require all accounts that maintain a project to enable two-factor authentication (2FA) by the end of 2023. Ionut ArghireMay 30, 2023