WeLiveSecurity

A pernicious potpourri of Python packages in PyPI

PyPI is popular among Python programmers for sharing and downloading code. Since anyone can contribute to the repository, malware – sometimes posing as legitimate, popular code libraries – can appear ...
The Hacker News

Legacy Python Bootstrap Scripts Create Domain-Takeover Risk in Multiple PyPI Packages

The disclosure comes as HelixGuard discovered a malicious package in PyPI named "spellcheckers" that claims to be a tool for ...
InfoWorld

Use UV to run Python packages and programs without installing

Astral's uv utility simplifies and speeds up working with Python virtual environments. But it has some other superpowers, too: it lets you run Python packages and programs without having to formally ...
Ars Technica

10 malicious Python packages exposed in latest repository attack

Researchers have discovered yet another set of malicious packages in PyPi, the official and most popular repository for Python programs and code libraries. Those duped by the seemingly familiar ...
InfoWorld

Python removes ‘dead batteries’ from standard library

A slew of obsolete modules are slated to be dropped from Python, a possible prelude to a process for keeping the standard library cleaner. An initiative to remove outdated and unmaintained modules ...
Ars Technica

How-to: Deploying PyQt applications on Windows and Mac OS X

The open source Qt development toolkit is a popular choice for cross-platform development. It provides native-looking widgets and tight integration with the underlying platform on Windows, Linux, and ...