KTLA

ActiveState joins Python Software Foundation's Trusted Publishing Initiative to Enhance the Integrity of Python Packages as Part of Its Mission to Secure Open Source Supply Chains

As a Trusted Publisher on the Python Package Index (PyPI), ActiveState empowers developers with unrivaled open source management capabilities and mitigates escalating supply chain risks. VANCOUVER, BC ...
Bleeping Computer

Revival Hijack supply-chain attack threatens 22,000 PyPI packages

Threat actors are utilizing an attack called "Revival Hijack," where they register new PyPi projects using the names of previously deleted packages to conduct supply chain attacks. The technique ...