Posts by pypi@fosstodon.org
 (DIR) Post #AxKvRI5vLrYT2oPq3U by pypi@fosstodon.org
       2025-08-18T17:32:48Z
       
       0 likes, 0 repeats
       
       PyPI now checks for expired domains to prevent domain resurrection attacks, a type of supply-chain attack where someone buys an expired domain and uses it to take over #PyPI accounts through password resets. #Python #OpenSource #SupplyChain #Securityhttps://blog.pypi.org/posts/2025-08-18-preventing-domain-resurrections/
       
 (DIR) Post #AyVOQcsiPw3KvDrtVQ by pypi@fosstodon.org
       2025-09-23T16:25:05Z
       
       0 likes, 1 repeats
       
       🚨 There is a new ongoing phishing campaign against PyPI users. This campaign uses the same tactics as the previous campaign targeting PyPI users, but with a new domain.Read more about what steps we're taking to protect PyPI users from future campaigns:https://blog.pypi.org/posts/2025-09-23-plenty-of-phish-in-the-sea/