Multiple open source software packages on the Python Package Index (PyPI) repository were found to be malicious, likely compromising thousands of devices, experts have warned.

The Python Package Index (PyPI) registry has removed three malicious Python packages aimed at exfiltrating environment variables and dropping trojans on the infected machines. These malicious ...

The Python Package Index (PyPI) is putting a stop to so-called “domain resurrection attacks” that have been observed in the ...

This time, the repository was PyPI, short for the Python Package Index, which is the official software repository for the Python programming language.

Over the weekend an attacker has been uploading thousands of malicious Python packages on the public PyPI (Python Package Index) software repository.

More than 400 malicious packages were recently uploaded to PyPI (Python Package Index), the official code repository for the Python programming language, in the latest indication that the ...

Two malicious versions of two Python packages were introduced in the Python Package Index (PyPI) with the purpose of stealing SSH and GPG keys from Python developers' projects.

For the second time since March, a cybersecurity firm has discovered troubling malware software packages uploaded to the Python Package Index platform.