Stranger Things concept of the “Upside Down” is a useful way to think about the risks lurking in the software we all rely on.

Two fake spellchecker packages on PyPI hid a Python RAT in dictionary files, activating malware on import in version 1.2.0.

With the PyArrow library installed, pandas 3.0 interprets string columns automatically as the str data type instead of NumPy- ...

Vulnerabilities in Chainlit could be exploited without user interaction to exfiltrate environment variables, credentials, ...

Familiar bugs in a popular open source framework for AI chatbots could give attackers dangerous powers in the cloud.

Security researchers uncovered two vulnerabilities in the popular Python-based AI app building tool that could allow ...

A new Arcjet SDK lets Python teams embed bot protection, rate limiting, and abuse prevention directly into application code.

Anthropic is entering into a two-year partnership with the Python Software Foundation. The company is investing a total of $1 ...

Anthropic has committed $1.5 million to the Python Software Foundation (PSF) under a two-year partnership aimed at strengthening security across Python’s core infrastructure and package ecosystem. The ...

The Python Software Foundation (PSF) has an extra $1.5 million heading its way, after AI upstart Anthropic entered into a ...

The simple-repository-server is designed to be used as a library, but also includes a convenient command line interface for running a simple repository service: If ...