The Python Software Foundation warned users this week that threat actors are trying to steal their credentials in phishing attacks using a fake Python Package Index (PyPI) website.

Python virtual environments shine for keeping projects and conflicting packages separate. Just keep these dos and don’ts in mind.

What are Python virtual environments? A virtual environment is a way to have multiple, parallel instances of the Python interpreter, each with different sets of packages and different configurations.

Multiple malicious Python packages available on the PyPI repository were caught stealing sensitive information like AWS credentials and transmitting it to publicly exposed endpoints accessible by ...

German software company PVRadar Labs has released a Python programming package for solar asset owners and engineers that want to build site-specific models.

Ando (2024) proposes a systematic approach, but a user-friendly package to implement it has not been developed. This paper addresses this gap by introducing a Python package, macroframe-forecast, that ...

A recently spotted supply chain attack abused an old but legitimate Python package to deliver a malicious payload. Read more on how the attacker managed to do it and how to protect yourself from it.