GitHub has updated its security alerts feature this week to support Python projects, after previously supporting JavaScript and Ruby. The feature, which launched last November, works by analyzing ...

The effort called Project Quarantine is described in blog post by Mike Fiedler, who is the sole administrator responsible for Python security. The project allows PyPI administrators and a select ...

"In order to improve the general security of the Python ecosystem, PyPI has begun implementing a two-factor authentication (2FA) requirement for critical projects.

To help smooth the transition towards 2FA, the Python Package Index is giving away 4,000 Google Titan security keys as part of its bid to transport all critical projects built using the Python ...

PyPI or the Python Package Index is giving away 4,000 Google Titan security keys as part of its move to mandatory two-factor authentication (2FA) for critical projects built in the Python ...

The popular PyTorch Python project for data scientists and machine learning developers has become the latest open source project to be targeted with a dependency confusion attack.

A rather old unpatched Python security vulnerability has resurfaced, causing researchers to warn that hundreds of thousands of projects might be vulnerable to code execution. Cybersecurity ...

Since 2008, Python 2 and Python 3 together have only had 49 vulnerabilities, with 20 labeled as memory corruption, code execution, or overflows, says Shane Fry, VP of security engineering at ...

Now Google is making a $350,000 donation to support some Python Software Foundation (PSF) projects that aim to improve the supply-chain security of the Python ecosystem.