Anthropic宣布与Python软件基金会达成为期两年的合作，投资150万美元支持Python生态系统安全建设。这笔资金将用于CPython和PyPI的关键安全升级，同时支撑基金会在Python语言、生态和全球社区方面的核心工作。

据Checkmarx披露，Python第三方库PyPI存在安全风险。该平台存在名为BlazeStealer的恶意木马，黑客今年1月至10月在PyPI平台上发布了8 ...

IT之家 1 月 14 日消息，Python 软件基金会 (PSF) 当地时间 13 日宣布该非营利组织与 AI“独角兽”Anthropic 达成了一份为期 2 年的合作协议，PSF 因此获得了 150 万美元（IT之家注：现汇率约合 1048.2 万元人民币）资助。

A software security engineer has identified 12 Python libraries uploaded on the official Python Package Index (PyPI) that contained malicious code. The 12 packages have been discovered in two separate ...

The Python Software Foundation (PSF) has an extra $1.5 million heading its way, after AI upstart Anthropic entered into a ...

Anthropic committed $1.5 million to the Python Software Foundation to strengthen PyPI and CPython security, targeting ...

The Python Software Foundation has warned victims of a new wave of phishing attacks using a fake Python Package Index (PyPI) website to reset credentials. Accessible at pypi.org, PyPI is the default ...

In a new twist on software supply chain attacks, researchers have discovered a Python package hiding malware inside of compiled code, allowing it to evade ordinary detection measures. On April 17, ...

The scanners tasked with weeding out malicious contributions to packages distributed via the popular open source code repository Python Package Index (PyPI) create a significant number of false alerts ...

The Python security team removed two trojanized Python libraries from PyPI (Python Package Index) that were caught stealing SSH and GPG keys from the projects of infected developers. The two libraries ...