Although there is nothing special about code executing on a machine, the moment when this code is executed is a significant detail from a security standpoint. The Python programming language allows ...

Create a pip installable package Using pip is the most conventional and best-supported way to package a Python application for re-use.

What are Python virtual environments? A virtual environment is a way to have multiple, parallel instances of the Python interpreter, each with different sets of packages and different configurations.

Python’s package manager, pip, favors a wheel when it’s available rather than a source distribution. As a result, the malicious one gets installed unless explicitly requested otherwise.

When a Python package is installed by a developer, PIP – Python’s package manager – tries to collect and process the metadata of the package, such as its version and the dependencies it ...

A software security engineer has identified 12 Python libraries uploaded on the official Python Package Index (PyPI) that contained malicious code.

A recently spotted supply chain attack abused an old but legitimate Python package to deliver a malicious payload. Read more on how the attacker managed to do it and how to protect yourself from it.

The PyPI package flood is just the latest in a string of attacks on public repositories with the intent to plant malicious code.