all InfoSec news
PyPI Repository Under Attack: New Users and Package Uploads Temporarily Stopped
DEV Community dev.to
Python developers, both seasoned and newcomers, may have recently encountered an unexpected obstacle. The maintainers of the Python Package Index (PyPI), the official third-party software repository for Python, have temporarily suspended the ability for users to register and upload new packages. This decision comes in the wake of an uptick in malicious activity on the platform, threatening the security and integrity of the Python ecosystem.
The Security Incident
Over the past week, the PyPI administrators noted a surge in the …
attack cybersecurity decision developers maintainers may official package packages party pypi python python package python package index register repository software third third-party under upload