Safeguard
Tag

pypi

Safeguard articles tagged "pypi" — guides, analysis, and best practices for software supply chain and application security.

69 articles

Supply Chain

Inside PyPI Project Quarantine: How the Reversible Takedown Workflow Has Performed Since Launch

PyPI's Project Quarantine status, introduced in August 2024 and used roughly 140 times in its first year, replaces irreversible deletions with a reversible hidden state. Here is how the workflow operates and how to consume the signal.

Feb 4, 20266 min read
Supply Chain Attacks

PyPI mexalz Malware Campaign Deep Dive

Researchers tracked a PyPI campaign publishing malicious packages under the mexalz and related account names, targeting Python developers with infostealers.

Feb 2, 20266 min read
Open Source Security

PyPI Trusted Publishing Common Pitfalls

PyPI trusted publishing removed a whole class of token leaks, but teams keep tripping over the same half-dozen configuration mistakes. Here is what to watch for.

Jan 28, 20267 min read
Research

OSS Malware Trends Q1 2026 (Safeguard Research)

The Safeguard Research team analyzed first-quarter 2026 malicious package telemetry across npm, PyPI, RubyGems, and crates.io. Here is what the data shows.

Jan 22, 20267 min read
Incident Analysis

Ultralytics PyPI Compromise: Dec 2024 Post-Mortem

How a GitHub Actions cache poisoning attack pushed a crypto miner into Ultralytics 8.3.41 on PyPI, and what engineering teams should actually change.

Jan 9, 20267 min read
Open Source Security

pip's Version-Based Resolution and the Origin of Dependen...

CVE-2018-20225 exposed how pip's version-based resolver lets a higher-versioned public PyPI package silently override a private one — the origin of dependency confusion attacks.

Dec 3, 20257 min read
Open Source Security

The torchtriton Dependency Confusion Attack on PyTorch-Ni...

How a namespace gap on PyPI let a malicious "torchtriton" package hijack PyTorch-nightly installs for five days, and what it teaches about ML supply chain security.

Dec 3, 20257 min read
Open Source Security

PyPI's aliyun-ai-labs Campaign: Three Packages, One Targeted Region

Three PyPI packages impersonating Alibaba's AI Labs SDK exfiltrated .gitconfig data from developer machines in a regionally targeted 2025 espionage campaign.

Jul 21, 20256 min read
Concepts

What Is a Package Registry?

A package registry is the network service your package manager pulls code from. Here is how registries work, why they are a critical trust boundary, and how to secure what you download.

Jul 14, 20256 min read
Concepts

What is Typo-Squatting Detection

Typo-squatting detection identifies malicious packages named one keystroke away from real ones — requets instead of requests — before they reach your build.

Jun 7, 20256 min read
Concepts

What is a Trusted Publisher (PyPI and npm)

A trusted publisher lets your CI workflow publish packages with short-lived OIDC tokens instead of stored API keys. Here's how it works on PyPI and where npm stands.

May 21, 20257 min read
Supply Chain Security

PyPI Malicious Packages 2025: Python's Growing Supply Chain Problem

PyPI faced a surge of malicious package uploads in early 2025, targeting data science, AI/ML, and cloud development workflows. Here's the full picture.

Mar 28, 20256 min read
pypi (Page 3) — Safeguard Blog