Subj : Python developers targeted with new password-stealing phishing at
To   : All
From : TechnologyDaily
Date : Thu Sep 25 2025 14:15:09

Python developers targeted with new password-stealing phishing attacks - here's how to stay safe

Date: Thu, 25 Sep 2025 13:04:00 +0000
Description: A major phishing campaign is still ongoing, targeting both Python maintainers and users.

FULL STORY
======================================================================

- PyPI warns phishing attacks will persist using fake domains and urgent email tactics
- Victims are tricked into verifying accounts via typosquatted sites like pypi-mirror.org
- Users and maintainers urged to adopt phishing-resistant 2FA and domain-aware password managers

Phishing attacks against PyPI users and maintainers are going to continue, the foundation is warning, as it urged members to tighten up on security and remain vigilant.

A new blog post, published by the foundation's security developer-in-residence, Seth Larson, noted the most recent attacks are a continuation of a months-long campaign that uses convincing emails and typosquatted domains to steal people's login credentials.

"Unfortunately the string of phishing attacks using domain-confusion and legitimate-looking emails continues," Larson wrote. "This is the same attack PyPI saw a few months ago and targeting many other open source repositories but with a different domain name. Judging from this, we believe this type of campaign will continue with new domains in the future."

How to stay safe

In the emails, the victims are asked to verify their addresses for "account maintenance and security procedures", and threatened with account closure if they don't comply. This sense of urgency and threat is typical of a phishing email. The link in the email redirects victims to pypi-mirror.org, a domain not owned by PyPI or the Python Software Foundation.
"If you have already clicked on the link and provided your credentials, we recommend changing your password on PyPI immediately," Larson warned. "Inspect your account's Security History for anything unexpected. Report suspicious activity, such as potential phishing campaigns against PyPI, to security@pypi.org."

Phishing is both extremely difficult and extremely easy to defend against. In theory, just using common sense and thinking before clicking should suffice in most cases. However, just in case of a drop in focus, users are advised to use phishing-resistant 2FA such as hardware tokens.

Maintainers, on the other hand, should use a password manager which auto-fills based on domain name. If auto-fill isn't working when it usually does, that is a huge red flag. Phishing-resistant 2FA is also recommended.

Via The Register

======================================================================
Link to news story:
https://www.techradar.com/pro/security/python-developers-targeted-with-new-password-stealing-phishing-attacks-heres-how-to-stay-safe

--- Mystic BBS v1.12 A49 (Linux/64)
 * Origin: tqwNet Technology News (1337:1/100)
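The domain matching behind the auto-fill advice in the article, as an added example (not code from PyPI, the password-manager vendors or the original story): it contrasts spotting the brand name in a link with the exact-host comparison a domain-aware password manager makes. The trusted-host set, the function names and every sample link other than pypi-mirror.org are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Assumption for this example: the only host where PyPI credentials belong.
TRUSTED_HOSTS = {"pypi.org"}


def naive_looks_like_pypi(url: str) -> bool:
    """Roughly what a hurried reader does: spot the brand name in the link."""
    return "pypi" in url.lower()


def autofill_allowed(url: str) -> bool:
    """Exact-host match over HTTPS, the rule a domain-aware manager applies."""
    parts = urlsplit(url)
    if parts.scheme != "https":
        return False
    # .hostname drops any userinfo and port and is already lower-cased.
    host = (parts.hostname or "").rstrip(".")
    return host in TRUSTED_HOSTS


def triage_links(urls):
    """Return (url, verdict) pairs for links pulled from a reported email."""
    report = []
    for url in urls:
        if autofill_allowed(url):
            verdict = "fill"
        elif naive_looks_like_pypi(url):
            verdict = "suspicious"  # carries the brand, fails the exact match
        else:
            verdict = "unrelated"
        report.append((url, verdict))
    return report


# Constructed sample links; only pypi-mirror.org is named in the article.
SAMPLE_LINKS = [
    "https://pypi.org/account/login/",
    "https://pypi-mirror.org/account/login/",
    "https://pypi.org.example.net/verify",
    "https://pypi.org@example.net/verify",
    "http://pypi.org/account/login/",
]

if __name__ == "__main__":
    for url, verdict in triage_links(SAMPLE_LINKS):
        print(f"{verdict:10} {url}")
```

Every sample link passes the brand-name check, but only the first passes the exact-host check, which is why a password manager that stays silent on a login page is the signal to stop.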