News

InfoWorld7d

PyApp: An easy way to package Python apps as executables

Written in Rust, the PyApp utility wraps up Python programs into self-contained click-to-run executables. It might be the ...

PyPI now blocks domain resurrection attacks used for hijacking accounts

The Python Package Index (PyPI) has introduced new protections against domain resurrection attacks that enable hijacking ...
InfoWorld8y

Project promises packaging panacea for Python - InfoWorld

Pipenv, a brand-new experimental tool, is offered as a packaging panacea for Python developers. Developed over last weekend, the tool is intended to bring the “best of all packaging worlds” to ...
The Hacker News8d

PyPI Blocks 1,800 Expired-Domain Emails to Prevent Account Takeovers and Supply Chain Attacks

PyPI unverified 1,800 emails since June 2025 to block expired-domain attacks, strengthening open-source supply chain security.
Bleeping Computer6y

Python Package Installation Can Trigger Malicious Code

Python modules are typically installed using a package manager called 'pip', which launches a 'setup.py' file that is made available by the developer of the package for installation purposes.
Bloomberg L.P.4y

Supporting the Python community by “Shifting Left”

Bloomberg is providing a grant to the Python Software Foundation (PSF) funding a full-time Project & Community Manager for the Python Packaging ecosystem.
Ars Technica7y

Devs unknowingly use “malicious” modules snuck into official Python ...

The official repository for the widely used Python programming language has been tainted with modified code packages, a computer security authority in Slovakia warned. The authority also said the ...