Bleeping Computer

Malicious PyPi packages aim DDoS attacks at Counter-Strike servers

A dozen malicious Python packages were uploaded to the PyPi repository this weekend in a typosquatting attack that performs DDoS attacks on a Counter-Strike 1.6 server. Python Package Index (PyPi) is ...
Dark Reading

Threat Actor Phishing PyPI Users Identified

Security researchers have identified a previously unknown group dubbed "JuiceLedger" as the threat actor behind a recent and first-known phishing campaign specifically targeting users of the Python ...
Security Boulevard

Malicious PyPI Packages Deliver SilentSync RAT

IntroductionZscaler ThreatLabz regularly monitors for threats in the popular Python Package Index (PyPI), which contains open source libraries that are frequently used by many Python developers. In ...
GitHub

PyPI token needs to be added to repository settings

In order to get the automatic PyPI deployment to work we need to add the PYPI_API_TOKEN to the repository secrets. I have permissions for the PyPI package as I created it but I don't have admin rights ...
Computing

PyPI repository restored after temporarily suspending new activity

After temporarily suspending new user sign-ups and package uploads, the maintainers of the Python Package Index (PyPI), the official repository for open source Python packages, have now restored the ...
Bleeping Computer

Spammers flood PyPI with pirated movie links and bogus packages

The official Python software package repository, PyPI, is getting flooded with spam packages, as seen by BleepingComputer. These packages are named after different movies in a style that is commonly ...