Robuta

https://psf-warehouse-private--28.com.readthedocs.build/author/di/ Dustin Ingram - The Python Package Index Blog The official blog of the Python Package Index
https://blog.pypi.org/author/miketheman/ Mike Fiedler - The Python Package Index Blog The official blog of the Python Package Index
https://blog.pypi.org/author/s-mm/ Shamika Monahan - The Python Package Index Blog The official blog of the Python Package Index
https://blog.pypi.org/posts/2024-04-17-expanding-trusted-publisher-support/ Expanding Trusted Publisher Support - The Python Package Index Blog Announcing additional Trusted Publishing providers
https://blog.pypi.org/posts/2023-12-04-account-takeover/ Incident Report: User Account Takeover - The Python Package Index Blog A PyPI user had their account taken over
https://test.pypi.org/ TestPyPI · The Python Package Index The Python Package Index (PyPI) is a repository of software for the Python programming language.
https://psf-warehouse-private--28.com.readthedocs.build/posts/2023-11-14-1-pypi-completes-first-security-audit/ PyPI has completed its first security audit - The Python Package Index Blog We are proud to announce PyPI's first external security audit.
https://blog.pypi.org/posts/2023-06-01-2fa-enforcement-for-upload/ Enforcement of 2FA for upload.pypi.org begins today - The Python Package Index Blog PyPI now requires all uploads from accounts with 2FA enabled to use an API token or Trusted Publisher configuration.
https://blog.pypi.org/posts/2024-11-14-pypi-now-supports-digital-attestations/ PyPI now supports digital attestations - The Python Package Index Blog Announcing support for PEP 740 on the Python Package Index
https://blog.pypi.org/posts/2023-05-26-reducing-stored-ip-data/ Reducing Stored IP Data in PyPI - The Python Package Index Blog PyPI has stopped using IP data when possible, and is continuing to reduce the amount of IP data stored overall.
https://blog.pypi.org/archive/2025/ 2025 - The Python Package Index Blog The official blog of the Python Package Index
https://blog.pypi.org/posts/2024-03-20-announcing-a-pypi-support-specialist/ Announcing a PyPI Support Specialist - The Python Package Index Blog The Python Software Foundation is hiring to support PyPI
https://blog.pypi.org/posts/2026-04-16-pypi-completes-second-audit/ PyPI has completed its second audit - The Python Package Index Blog We are proud to announce PyPI's second external security audit.
https://sethmlarson.dev/security-developer-in-residence-weekly-report-18 Querying every file in every release on the Python Package Index — Seth Larson Python, open source, and the internet
https://psf-warehouse-private--28.com.readthedocs.build/author/ewdurbin/ Ee Durbin - The Python Package Index Blog The official blog of the Python Package Index
https://github.com/orgs/pypi/packages Packages · The Python Package Index · GitHub GitHub is where people build software. More than 150 million people use GitHub to discover, fork, and contribute to over 420 million projects.
https://blog.pypi.org/posts/2025-11-26-pypi-and-shai-hulud/ PyPI and Shai-Hulud: Staying Secure Amid Emerging Threats - The Python Package Index Blog Shai-Hulud is a great worm, not yet a snake. Attack on npm ecosystem may have implications for PyPI.
https://blog.pypi.org/posts/2023-08-04-pypi-hires-safety-engineer/ PyPI hires a Safety & Security Engineer - The Python Package Index Blog
https://blog.pypi.org/archive/2026/ 2026 - The Python Package Index Blog The official blog of the Python Package Index
https://caremad.io/posts/2016/05/powering-pypi/ Powering the Python Package Index · caremad
https://blog.pypi.org/posts/2025-09-16-github-actions-token-exfiltration/ Token Exfiltration Campaign via GitHub Actions Workflows - The Python Package Index Blog Incident report of a recent attack campaign targeting GitHub Actions workflows to exfiltrate PyPI tokens, our response, and steps to protect your projects.
https://blog.pypi.org/posts/2023-05-25-securing-pypi-with-2fa/ Securing PyPI accounts via Two-Factor Authentication - The Python Package Index Blog PyPI will require all users who maintain projects or organizations to enable one or more forms of two-factor authentication (2FA) by the end of 2023.
https://blog.pypi.org/posts/2026-04-02-incident-report-litellm-telnyx-supply-chain-attack/ Incident Report: LiteLLM/Telnyx supply-chain attacks, with guidance - The Python Package Index Blog Python Package Index shares insights and provides guidance following LiteLLM/Telnyx supply-chain attacks
https://blog.pypi.org/posts/2025-08-18-preventing-domain-resurrections/ Preventing Domain Resurrection Attacks - The Python Package Index Blog PyPI now checks for expired domains to prevent domain resurrection attacks, a type of supply-chain attack where someone buys an expired domain and uses it to...
https://blog.pypi.org/ The Python Package Index Blog The official blog of the Python Package Index
https://blog.pypi.org/posts/2023-12-13-2fa-enforcement/ 2FA Requirement for PyPI begins 2024-01-01 - The Python Package Index Blog PyPI will require 2FA for all users on Jan 1, 2024.
https://blog.pypi.org/posts/2024-08-16-safety-and-security-engineer-year-in-review/ Safety & Security Engineer: First Year in Review - The Python Package Index Blog
https://blog.pypi.org/author/sethmlarson/ Seth Larson - The Python Package Index Blog The official blog of the Python Package Index
https://blog.pypi.org/posts/2025-12-31-pypi-2025-in-review/ PyPI in 2025: A Year in Review - The Python Package Index Blog A look back at the major changes to PyPI in 2025 and related statistics.
https://blog.pypi.org/posts/2023-04-20-introducing-trusted-publishers/ Introducing 'Trusted Publishers' - The Python Package Index Blog Announcing a new, more secure way to publish to PyPI
https://blog.pypi.org/posts/2025-07-28-pypi-phishing-attack/ PyPI Users Email Phishing Attack - The Python Package Index Blog PyPI Users are receiving emails detailing them to log in to a fake PyPI site.
https://blog.pypi.org/tags/ Tags - The Python Package Index Blog The official blog of the Python Package Index
https://blog.pypi.org/posts/2025-11-14-login-verification/ New Login Verification for TOTP-based Logins - The Python Package Index Blog PyPI has added email verification for TOTP-based logins
https://blog.pypi.org/posts/2025-09-23-plenty-of-phish-in-the-sea/ Phishing attacks with new domains likely to continue - The Python Package Index Blog A new phishing campaign targeting PyPI users using similar tactics to previous campaigns.
https://blog.pypi.org/posts/2023-11-14-3-security-audit-remediation-cabotage/ Security Audit Remediation: cabotage - The Python Package Index Blog A deeper dive into the remediation of the security audit findings for the cabotage project.
https://blog.pypi.org/posts/2023-04-23-introducing-pypi-organizations/ Introducing PyPI Organizations - The Python Package Index Blog Announcing the launch of a significant new collaboration feature for PyPI
https://sethmlarson.dev/security-developer-in-residence-weekly-report-26 Releases on the Python Package Index are never “done” — Seth Larson Python, open source, and the internet
https://blog.pypi.org/archive/2023/ 2023 - The Python Package Index Blog The official blog of the Python Package Index
https://blog.pypi.org/posts/2025-08-14-project-status-markers/ PyPI now serves project status markers in API responses - The Python Package Index Blog PyPI has implemented PEP 792, and is now serving project status markers in its standard HTML and JSON APIs.
https://blog.pypi.org/posts/2024-12-30-quarantine/ Project Quarantine - The Python Package Index Blog Handling project quarantine lifecycle status for suspected malware
https://blog.pypi.org/posts/2024-04-03-user-account-access/ Incident Report: Unauthorized User Accounts Access - The Python Package Index Blog An attack on PyPI user accounts starting on March 31st, 2024.
https://github.com/pypi/warehouse GitHub - pypi/warehouse: The Python Package Index · GitHub The Python Package Index. Contribute to pypi/warehouse development by creating an account on GitHub.
https://blog.pypi.org/posts/2024-12-11-ultralytics-attack-analysis/ Supply-chain attack analysis: Ultralytics - The Python Package Index Blog Analysis of a package targeted by a supply-chain attack to the build and release process
https://blog.pypi.org/archive/2024/ 2024 - The Python Package Index Blog The official blog of the Python Package Index
https://blog.pypi.org/posts/2023-11-14-1-pypi-completes-first-security-audit/ PyPI has completed its first security audit - The Python Package Index Blog We are proud to announce PyPI's first external security audit.
https://blog.pypi.org/posts/2024-06-16-prohibiting-msn-emails/ Prohibiting Outlook email domains - The Python Package Index Blog We have prohibited new registrations of accounts using Outlook email domains.
https://blog.pypi.org/posts/2023-09-18-inbound-malware-reporting/ Inbound Malware Volume Report - The Python Package Index Blog Analysis of inbound malware reporting volume and response times from PyPI administrators.
https://blog.pypi.org/author/woodruffw/ William Woodruff - The Python Package Index Blog The official blog of the Python Package Index
https://blog.pypi.org/posts/2023-06-22-malware-detection-project/ Announcing the launch of PyPI Malware Reporting and Response project - The Python Package Index Blog The official blog of the Python Package Index