The past year has seen over 10,000 downloads of malicious packages hosted on the official Python package repository, ESET research finds.

These malicious packages - deploying cyberespionage backdoors and targeting Windows and Linux systems - were found circulating via the PyPI repository. Security experts expect the problem to continue.

Yesterday, following a DMCA complaint, GitHub took down a repository that hosts the official SymPy project documentation website. It turns out the DMCA notice filed by HackerRank's representatives ...

The official Python software package repository PyPI is under attack from threat actors that have begun flooding it with spam packages according to a new report from BleepingComputer.

Counterfeit packages downloaded roughly 5,000 times from the official Python repository contained secret code that installed cryptomining software on infected machines, a security researcher has ...