The Hacker News

Alert: Malicious PyPI Package soopsocks Infects 2,653 Systems Before Takedown

Malicious PyPI package soopsocks downloaded 2,653 times before takedown, exfiltrating Windows data to Discord.
InfoWorld

Project promises packaging panacea for Python

Pipenv, a brand-new experimental tool, is offered as a packaging panacea for Python developers. Developed over last weekend, the tool is intended to bring the “best of all packaging worlds” to Python, ...

New string of phishing attacks targets Python developers

If you recently got an email asking you to verify your credentials to a PyPI site, better change that password ...
SecurityWeek

PyPI Warns Users of Fresh Phishing Campaign

PyPI, the default platform for Python's package management tools, is warning users of a fresh phishing campaign.
How-To Geek on MSN

Python Package Index Responds to Malware Attack by Invalidating Tokens

The Python Package Index (PyPI), run by the Python Software Foundation, has officially invalidated all the publishing tokens that were stolen in the GhostAction supply chain attack that happened ...
InfoWorld

Python virtualenv and venv dos and don’ts

Python virtual environments shine for keeping projects and conflicting packages separate. Just keep these dos and don’ts in mind. One of Python’s biggest draws is its expansive ecosystem of ...
ZDNet

Twelve malicious Python libraries found and removed from PyPI

A software security engineer has identified 12 Python libraries uploaded on the official Python Package Index (PyPI) that contained malicious code. The 12 packages have been discovered in two separate ...
Electronics Weekly

Simplified PicoScope control by Python

Pico Technology has released a Python package designed to simplify the use of its PicoScope 6000E and 3000E Series USB oscilloscopes. Called pyPicoSDK and built on its the existing PicoSDK, the ...