Given how widespread Python is, developers should vet any third-party code they use before adding it to their projects. ESET firmly believes the abuse of PyPI will continue.

A vulnerability in the Python programming language that has been overlooked for 15 years is now back in the spotlight as it likely affects more than 350,000 open-source repositories and can lead ...

Cybersecurity company Trellix announced Wednesday that a known Python vulnerability puts 350,000 open-source projects and the applications that use them at risk of device take over or malicious ...

PyPI halted new users and projects while it fended off supply-chain attack Automation is making attacks on open source code repositories harder to fight.