組織として初めて政府助成金の申請を行ったPythonソフトウェア財団が、助成対象に推薦されながらも、受給時の条件についてリスクがあるとして申請を取り下げたことを明らかにしました。 Python Software Foundation News: ...

A PSF proposal to address vulnerabilities in Python and PyPi was recommended for funding, but it was declined because the ...

The Python Software Foundation (PSF) has walked away from a $1.5 million government grant and you can blame the Trump ...

The Python Software Foundation (PSF) has withdrawn its $1.5 million grant proposal to the U.S. National Science Foundation ...

PythonパッケージのアップロードプラットフォームであるPython Package Index(PyPI)を運営するPython Software Foundation(PSF)が、2023年3月から4月にかけて、アメリカ司法省からユーザーデータを要求する召喚状を3回発行されたことを明らかにしました。PSFはこの召喚状に ...

Pythonコミュニティは5月25日(現地時間)、「Securing PyPI accounts via Two-Factor Authentication - The Python Package Index」において、2023年末までにPyPI (Python Package Index)でプロジェクトや組織を管理しているすべてのユーザーに対し、2023年末までに二要素認証(2FA: ...

PyPI or the Python Package Index is giving away 4,000 Google Titan security keys as part of its move to mandatory two-factor authentication (2FA) for critical projects built in the Python programming ...

Two malicious versions of two Python packages were introduced in the Python Package Index (PyPI) with the purpose of stealing SSH and GPG keys from Python developers' projects. One of them, using ...

A security firm found three malicious Python libraries uploaded on the official Python Package Index (PyPI) that contained a hidden backdoor which would activate when the libraries were installed on ...

A new malicious campaign has been found on the Python Package Index (PyPI) open-source repository involving 24 malicious packages that closely imitate three popular open-source tools: vConnector, ...

Fortinetは1月14日(米国時間)、「Supply Chain Attack Using Identical PyPI Packages, “colorslib”, “httpslib”, and “libhttps”｜FortiGuard Labs」において、PyPI (Python Package ...