PyPI Phishing Attack: Incident Report - The Python Package Index Blog

blog.pypi.org

Follow-up on the recent phishing attack targeting PyPI users.

3 pages link to this URL

Ben Cotton; Duck Alignment Academy Ben Cotton Dec 31, 2025

How well did I capture trends in open source for 2025? The vibe was right, even if some of the specifics were wrong.

1 inbound link article en Posts Artificial Intelligenceeventspredictionstrends CC BY-SA 4.0

Michael Kennedy's Thoughts on Technology Michael Kennedy Dec 22, 2025

Wire pip-audit into your CI and unit tests to automatically block known vulnerable dependencies.

0 inbound links article en posts python

words.filippo.io Bluesky Oct 10, 2025

Project compromises have common root causes we can mitigate: phishing, control handoff, and unsafe GitHub Actions triggers.

3 inbound links article en