在Mozilla之后，全球最大Python组件托管平台PyPI新版服务条款也引发开发者激烈争论。预定于3月27日正式生效的新版服务条款，不仅替即将推出的组织账户付费服务创建法律基础，也对于Python软件基金会（Python Software ...

Malicious PyPI package set-utils steals Ethereum private keys, exfiltrating them via Polygon RPC to evade detection.

A malicious Python Package Index (PyPI) package named "set-utils" has been stealing Ethereum private keys through intercepted wallet creation functions and exfiltrating them via the Polygon blockchain ...

A malicious PyPi package named 'automslc' has been downloaded over 100,000 times from the Python Package Index since 2019, ...

Cybersecurity researchers have flagged a malicious Python library on the Python Package Index (PyPI) repository that facilitates unauthorized music downloads from music streaming service Deezer. The ...

pypi-data/pypi-mirror-329’s past year of commit activity ...

Morgan is a PyPI mirror for restricted/offline networks/environments, where access to the Internet is not available. It allows creating small mirrors that can be used by multiple "client" Python ...