Trellix is working to push code via GitHub pull request to protect open-source projects from the vulnerability. Trellix currently has patches available for 11,005 repositories ready for pull requests.

PyPI is the official Python Package Index that currently contains 500,972 projects, 5,228,535 million releases, 9,950,103 million files, and 770,841 users. PyPI helps users locate and install ...

Estimated 350,000 projects impacted Analyzing the impact, Trellix researchers found that the vulnerability was present in thousands of software projects, both open and closed source.

A 15-year-old vulnerability in the open source Python programming language is still finding its way into live code, with the result that over 350,000 projects are at risk of potential supply chain ...

Ten hours later, it lifted the suspension. Short for the Python Package Index, PyPI is the go-to source for apps and code libraries written in the Python programming language.