2Anthropic Invests $1.5M in the Python Software Foundation and OSS Security (opens in new tab)(pyfound.blogspot.com)7miketheman5mo ago1Save
4PyPI and Shai-Hulud: Staying Secure Amid Emerging Threats (opens in new tab)(blog.pypi.org)3miketheman7mo ago0Save
5PyPI: Trusted Publishing Growth, Now for GitLab Self-Managed and Organizations (opens in new tab)(blog.pypi.org)2miketheman7mo ago0Save
6White Paper: Slippery Zips and Sticky Tar-Pits: Security and Archives (opens in new tab)(alpha-omega.dev)2miketheman7mo ago1Save
7Open Infrastructure Is Not Free: PyPI, the PSF, and Sustainability (opens in new tab)(pyfound.blogspot.com)8miketheman7mo ago0Save
8Datadog supports PyPI and the Python community through observability (opens in new tab)(opensource.datadoghq.com)1miketheman8mo ago0Save
9PyPI Blog: Token Exfiltration Campaign via GitHub Actions Workflows (opens in new tab)(blog.pypi.org)76miketheman9mo ago20Save
10PyPI: Preventing Domain Resurrection Attacks (opens in new tab)(blog.pypi.org)5miketheman10mo ago2Save
11PyPI now serves project status markers in API responses (opens in new tab)(blog.pypi.org)2miketheman10mo ago0Save
12Preventing ZIP parser confusion attacks on Python package installers (opens in new tab)(blog.pypi.org)48miketheman10mo ago17Save
15PyPI Prohibits inbox.ru email domain registrations (opens in new tab)(blog.pypi.org)131miketheman11mo ago105Save
