News

Bleeping Computer2y
Unpatched 15-year old Python bug allows code execution in 350k projects - BleepingComputer
A vulnerability in the Python programming language that has been overlooked for 15 years is now back in the spotlight as it likely affects more than 350,000 open-source repositories and can lead ...
Computer Weekly2y
15-year-old Python bug present in 350,000 open source projects
A 15-year-old vulnerability in the open source Python programming language is still finding its way into live code, with the result that over 350,000 projects are at risk of potential supply chain ...
TechRepublic2y
350,000 open source projects at risk from Python vulnerability
Trellix is working to push code via GitHub pull request to protect open-source projects from the vulnerability. Trellix currently has patches available for 11,005 repositories ready for pull requests.
InfoWorld2d
Pyrefly and Ty: Two new Rust-powered Python type-checking tools compared
Pyrefly is not the first Python type-checking tool from Meta. Previously, the company delivered Pyre, written in OCaml. Pyre ...
Bleeping Computer2y
PyPI mandates 2FA for critical projects, developer pushes back - BleepingComputer
On Friday, the Python Package Index (PyPI), the official repository of third-party open-source Python projects announced plans to mandate two-factor authentication requirement for maintainers of ...
ZDNet2y
Python programming: PyPl is rolling out 2FA for critical projects, giving away 4,000 security keys - ZDNET
PyPI or the Python Package Index is giving away 4,000 Google Titan security keys as part of its move to mandatory two-factor authentication (2FA) for critical projects built in the Python ...