Bleeping Computer

Hackers target Python devs in phishing attacks using fake PyPI site

The Python Software Foundation warned users this week that threat actors are trying to steal their credentials in phishing attacks using a fake Python Package Index (PyPI) website. PyPI is a ...
Bleeping Computer

Malicious PyPi package steals Discord auth tokens from devs

A malicious package named 'pycord-self' on the Python package index (PyPI) targets Discord developers to steal authentication tokens and plant a backdoor for remote control over the system. The ...
MSN による配信

Python devs targeted with dangerous phishing attacks - here's how to stay safe

Developers who published projects on PyPI with their email in package metadata are being targeted They are asked to "verify" their email address with a fake PyPI platform The "verification" process ...
TechRadar

Python devs targeted with dangerous phishing attacks - here's how to stay safe

When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works. Developers who published projects on PyPI with their email in package metadata are being targeted ...