Microsoft updates its Python extension for VS Code with fixes for two security flaws and easier interpreter selection.

PyPI malware termncolor and colorinal downloaded 884 times exploit DLL side-loading, persistence, and C2 communication.

Python's ctx library and a fork of PHP's phpass have been compromised. 3 million users combined. The malicious code sends all the environment variables to a heroku app, likely to mine AWS credentials.

Several harmful Python .whl files containing a new type of malware called “Kekw” have been discovered on PyPI (Python Package Index). According to new data by Cyble Research and Intelligence Labs ...

Multiple malicious Python packages available on the PyPI repository were caught stealing sensitive information like AWS credentials and transmitting it to publicly exposed endpoints accessible by ...

Nearly half (45%) of AI-generated code contains security flaws despite appearing production-ready, new research from Veracode ...

Announced in early July, the security-driven consideration has been largely well received by Python’s community members, although one well-known developer opted to delete their code from PyPI ...

Microsoft offers up the security tool it uses to probe untrusted third-party software components in its applications.

It will be interesting to see how Python’s integration into Excel works out. It’s a very specialized, cloud-hosted, and seemingly containerized and secured code offering.

10X coders beware: Meta’s new AI model boosts coding and debugging for free New "Code Llama" coding model is free for research and commercial use.