Is there a notification channel you can subscribe to / look at if you want to stay up to date on compromised PyPI packages?
You can use the PYSEC[1] or OSV[2] databases.
[1]: https://github.com/pypa/advisory-database/blob/main/vulns/te...
[2]: https://osv.dev/vulnerability/MAL-2026-2254
Thank you!
Yes. news.ycomhinator.com
You can use the PYSEC[1] or OSV[2] databases.
[1]: https://github.com/pypa/advisory-database/blob/main/vulns/te...
[2]: https://osv.dev/vulnerability/MAL-2026-2254
Thank you!
Yes. news.ycomhinator.com