Is there a notification channel you can subscribe to / look at if you want to stay up to date on compromised PyPI packages?
You can use the PYSEC[1] or OSV[2] databases.
[1]: https://github.com/pypa/advisory-database/blob/main/vulns/te...
[2]: https://osv.dev/vulnerability/MAL-2026-2254
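Added example, not part of the comment above and not code from PyPA or OSV: one way to turn these databases into an alert is to match your pinned requirements against advisory records in the OSV schema and flag `MAL-` ids separately. The records, package names and pins below are constructed; the matcher only looks at the enumerated `versions` list of each record, not at `ranges`.

```python
import re

# Constructed sample records in the OSV schema (ids, names, versions are made up).
SAMPLE_RECORDS = [
    {"id": "MAL-0000-0001", "affected": [
        {"package": {"ecosystem": "PyPI", "name": "Example_Pkg"},
         "versions": ["1.2.3", "1.2.4"]}]},
    {"id": "PYSEC-0000-0002", "affected": [
        {"package": {"ecosystem": "PyPI", "name": "other-lib"},
         "versions": ["0.9.0"]}]},
    {"id": "MAL-0000-0003", "affected": [
        {"package": {"ecosystem": "npm", "name": "example-pkg"},
         "versions": ["1.2.4"]}]},
]

# Constructed requirements.txt content.
SAMPLE_PINS = """\
example.pkg==1.2.4   # pinned, spelled differently from the advisory
Other_Lib==0.9.0 ; python_version < "3.9"
safe-lib==1.0.0
unpinned-lib>=2
"""

def normalize(name):
    # PEP 503: runs of "-", "_" and "." are equivalent, names are case-insensitive.
    return re.sub(r"[-_.]+", "-", name).lower()

def parse_pins(text):
    # Keep only exact "name==version" pins; drop comments and environment markers.
    pins = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].split(";", 1)[0].strip()
        if "==" in line:
            name, version = line.split("==", 1)
            pins.append((normalize(name), version.strip()))
    return pins

def find_hits(records, pins):
    # Returns (advisory id, package, version, is_malicious_package_record).
    hits = []
    for rec in records:
        for aff in rec.get("affected", []):
            pkg = aff.get("package", {})
            if pkg.get("ecosystem") != "PyPI":
                continue  # same name in another ecosystem is not a match
            for pname, pver in pins:
                if pname == normalize(pkg.get("name", "")) and pver in aff.get("versions", []):
                    hits.append((rec["id"], pname, pver, rec["id"].startswith("MAL-")))
    return hits
```

Unpinned requirements are skipped here, so resolve them first (for example from a lock file) before relying on an empty result.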
Yes. news.ycombinator.com