The Hacker News

Fake Python Spellchecker Packages on PyPI Delivered Hidden Remote Access Trojan

Two fake spellchecker packages on PyPI hid a Python RAT in dictionary files, activating malware on import in version 1.2.0.
InfoWorld

Project promises packaging panacea for Python

Pipenv, a brand-new experimental tool, is offered as a packaging panacea for Python developers. Developed over last weekend, the tool is intended to bring the “best of all packaging worlds” to Python, ...
Techzine Europe

Anthropic invests in Python ecosystem security

Anthropic is entering into a two-year partnership with the Python Software Foundation. The company is investing a total of $1 ...

Anthropic Backs Python Security With $1.5 Million PSF Partnership

Anthropic committed $1.5 million to the Python Software Foundation to strengthen PyPI and CPython security, targeting ...
Infosecurity-magazine.com

Python Package Index Faces Security Crisis With Validated Leaks

Security researchers have discovered a total of 3938 unique secrets on PyPI, the official third-party package management system for the Python community, across all projects, with 768 of them ...