InfoWorld

PDM: A smarter way to manage Python packages

Modern Python developers use virtual environments (venvs), to keep their projects and dependencies separate. Managing project dependencies gets more complex as the number of dependencies grows.
TechRepublic

Old Python package comes back to life and delivers malicious payload

A recently spotted supply chain attack abused an old but legitimate Python package to deliver a malicious payload. Read more on how the attacker managed to do it and how to protect yourself from it.