Anthropic宣布与Python软件基金会达成为期两年的合作，投资150万美元支持Python生态系统安全建设。这笔资金将用于CPython和PyPI的关键安全升级，同时支撑基金会在Python语言、生态和全球社区方面的核心工作。

IT之家 1 月 14 日消息，Python 软件基金会 (PSF) 当地时间 13 日宣布该非营利组织与 AI“独角兽”Anthropic 达成了一份为期 2 年的合作协议，PSF 因此获得了 150 万美元（IT之家注：现汇率约合 1048.2 万元人民币）资助。 这笔资金将用于支持 PSF 的运营工作，重点关注 Python 编程语言生态系统的安全问题，如对 CPython 解释器实现、Py ...

今天，我在学习及实践使用 Python 虚拟环境时，下载相应库文件，直接使用 pip 下载，结果因下载速度过于实在太慢导致始终 ...

The Python Software Foundation (PSF) has an extra $1.5 million heading its way, after AI upstart Anthropic entered into a ...

IT之家 11 月 16 日消息，Python 软件包存储库 PyPI 现已上线数字认证（Digital Attestations）功能，这项功能允许软件包维护者在发布包时附加经过身份验证的数字签章，以便于验明正身。 长期以来，PyPI 一直受到虚假软件包困扰，大量黑客寻找已下架的合法 PyPI 包 ...

Anthropic committed $1.5 million to the Python Software Foundation to strengthen PyPI and CPython security, targeting ...

A software security engineer has identified 12 Python libraries uploaded on the official Python Package Index (PyPI) that contained malicious code. The 12 packages have been discovered in two separate ...

The Python Software Foundation has warned victims of a new wave of phishing attacks using a fake Python Package Index (PyPI) website to reset credentials. Accessible at pypi.org, PyPI is the default ...

The scanners tasked with weeding out malicious contributions to packages distributed via the popular open source code repository Python Package Index (PyPI) create a significant number of false alerts ...

The Python security team removed two trojanized Python libraries from PyPI (Python Package Index) that were caught stealing SSH and GPG keys from the projects of infected developers. The two libraries ...

In a new twist on software supply chain attacks, researchers have discovered a Python package hiding malware inside of compiled code, allowing it to evade ordinary detection measures. On April 17, ...