Open source package with 1 million monthly downloads stole user credentials

Open source software with more than 1 million monthly downloads was compromised after a threat actor exploited a ...

PyPI package with 1.1M monthly downloads hacked to push infostealer

An attacker pushed a malicious version of the popular elementary-data package Python Package Index (PyPI) to steal sensitive ...
InfoWorld

Why it’s so hard to create stand-alone Python apps

Ever wonder why packaging a Python app and its dependencies as a single executable is such a pain? Blame it on the dynamism ...
Techzine Europe

Malicious Python package poses new supply chain threat

The open-source package elementary-data, with over a million downloads per month, has been compromised. Attackers exploited a vulnerability in a GitHub ...
InfoWorld

How to use PyInstaller to create Python executables

Powerful and versatile as it is, Python lacks a few key capabilities out of the box. For one, there is no native mechanism for compiling a Python program into a standalone executable package. To be ...
ZDNet

Twelve malicious Python libraries found and removed from PyPI

A software security engineer has identified 12 Python libraries uploaded on the official Python Package Index (PyPI) that contained malicious code. The 12 packages have been discovered in two separate ...
Visual Studio Magazine

Microsoft Previews Azure SDK for Python (Conda) Packaging System

Microsoft released a preview of the Azure SDK for Python (Conda), providing package, dependency and environment management, specifically in the form of open source libraries for provisioning, managing ...