Security researchers have identified a previously unknown group dubbed "JuiceLedger" as the threat actor behind a recent and first-known phishing campaign specifically targeting users of the Python ...

A dozen malicious Python packages were uploaded to the PyPi repository this weekend in a typosquatting attack that performs DDoS attacks on a Counter-Strike 1.6 server. Python Package Index (PyPi) is ...

North Korean state-sponsored hackers have uploaded malicious packages to the PyPI (Python Package Index) repository, camouflaging one of them as a VMware vSphere connector module named vConnector. The ...

PyPI is the official Python Package Index that currently contains 500,972 projects, 5,228,535 million releases, 9,950,103 million files, and 770,841 users. PyPI helps users locate and install software ...

Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.

A security firm found three malicious Python libraries uploaded on the official Python Package Index (PyPI) that contained a hidden backdoor which would activate when the libraries were installed on ...

Socket and Endor Labs discovered a new TeamPCP campaign leading to the delivery of credential-stealing malware ...

The official repository for the widely used Python programming language has been tainted with modified code packages, a computer security authority in Slovakia warned. The authority also said the ...

The malicious code snippets run in the background, as a result of which it is not always noticed by developers. istock On 8 August, US security firm Check Point Research issued a report which ...