Malware Blitz Prompts PyPI to Halt Registrations and Project Creation
March 29, 2024![Malware Blitz Prompts PyPI to Halt Registrations and Project Creation](https://cdn.brief.news/images/stories/5c1b6ba5c8979d7b1d10431233fe8b7be72957822d3151d6d8d13e97424c3074f6e702aa9b07a3e880794dc6398a6e725c3c1e63b7b3d96b0efb2cbf09b644e0.jpg)
PyPI halts new user registration and project creation due to a malware campaign.
Attackers uploaded over 365 malicious packages using automation and typosquatting.
The incident highlights a broader pattern of attacks against open source repositories.
There's a heightened focus on the need for stringent verification of software components.
PyPI introduces mandatory two-factor authentication for project maintainers to enhance security.
Ongoing threats persist against package repositories and software supply chains.
Summary based on 5 sources
Get a daily email with more Startups stories
Sources
![PyPI halted new users and projects while it fended off supply-chain attack](https://cdn.brief.news/images/links/3877e05cfe564036978c92a5fa8c39c6476f33df025887c4d19ed172dabb1471934b6b8d642769f7cad849c117d7f745b97850529067ac98e65e7610a21de816.jpg)
Ars Technica • Mar 28, 2024
PyPI halted new users and projects while it fended off supply-chain attack![PyPI suspends new user registration to block malware campaign](https://cdn.brief.news/images/links/4fd44ed16416f46e2d06379e1f99889bd1591e6fd12161f95e135d2ba312f5a0b42580ed1950d7328b90a8229aed41093aaf8a6ee3affeb1b6e9defb66624def.jpg)
BleepingComputer • Mar 28, 2024
PyPI suspends new user registration to block malware campaign![Malware Upload Attack Hits PyPI Repository](https://cdn.brief.news/images/links/37622ecc6bbeaeaa78bafa48b456bf93276d6c3596f2d35ff5bed2ad6b500a38e15a05da551998e5294ab3c24a588cf2dfbf29fc782d0be21e4e235630909de0.jpg)
SecurityWeek • Mar 28, 2024
Malware Upload Attack Hits PyPI Repository![PyPI Suspends New Projects and Users Due to Malicious Packages](https://cdn.brief.news/images/links/335438ce429a2863f4c523eacff2df5ffcc3fa701caa89b0328935446d5c1d25a02cb693811bb2f1f326d33688680dd10180ccb3e2b12bd1006fd86108fa97ff.jpg)
Hackread - Latest Cybersecurity, Tech, Crypto & Hacking News • Mar 28, 2024
PyPI Suspends New Projects and Users Due to Malicious Packages