https://www.helpnetsecurity.com/2026/03/25/teampcp-supply-chain-attacks/
LiteLLM PyPI packages compromised in expanding TeamPCP supply chain attacks - Help Net Security
Mar 27, 2026 - A slew of supply chain attacks against popular open source tools and packages appears to have been orchestrated by TeamPCP cybercriminals.
https://pradyunsg.me/blog/2024/01/27/package-release-workflow/
Choreographing a release process for my PyPI packages | Pradyun Gedam
Jan 1, 1 - I maintain quite a few Python packages and they all have development workflows as well as release processes that are different in various ways. This is...
https://cppyy.readthedocs.io/en/latest/packages.html
PyPI Packages — cppyy 3.5.0 documentation
https://www.openwall.com/lists/oss-security/2026/03/24/6
oss-security - litellm pypi packages compromised, infostealer added
https://badge.fury.io/
Version Badge for npm, RubyGems, PyPI, Bower and other packages
https://www.codethink.co.uk/articles/2023/pypi-safety/
PyPI Security: How to Safely Install Python Packages
PyPI is a popular platform for sharing Python libraries. This article offers tips for safe use, considering recent malware attacks on the platform.
https://peps.python.org/pep-0480/
PEP 480 – Surviving a Compromise of PyPI: End-to-end signing of packages | peps.python.org
Proposed is an extension to PEP 458 that adds support for end-to-end signing and the maximum security model. End-to-end signing allows both PyPI and developers...