Python developers targeted with new password-stealing phishing attacks – here’s how to stay safe

By Sead Fadilpašić

Copyright techradar

25 September 2025

A major phishing campaign is still ongoing, experts warn

PyPI warns phishing attacks will persist using fake domains and urgent email tactics
Victims are tricked into verifying accounts via typosquatted sites like pypi-mirror.org
Users and maintainers urged to adopt phishing-resistant 2FA and domain-aware password managers

Phishing attacks against PyPI users and maintainers are going to continue, the foundation is warning, as it urged members to tighten up on security and remain vigilant.

A new blog post, published by the foundation’s security developer-in-residence, Seth Larson, noted that the most recent attacks are a continuation of a months-long campaign that uses convincing emails and typosquatted domains to steal people’s login credentials.
“Unfortunately the string of phishing attacks using domain-confusion and legitimate-looking emails continues,” Larson wrote. “This is the same attack PyPI saw a few months ago and targeting many other open source repositories but with a different domain name. Judging from this, we believe this type of campaign will continue with new domains in the future.”

How to stay safe
In the emails, the victims are asked to “verify” their addresses for “account maintenance and security procedures”, and threatened with account closure if they don’t comply.

This sense of urgency and threat is typical for a phishing email, which redirects victims to pypi-mirror.org, a domain not owned by PyPI or the Python Software Foundation.
“If you have already clicked on the link and provided your credentials, we recommend changing your password on PyPI immediately,” Larson warned. “Inspect your account’s Security History for anything unexpected. Report suspicious activity, such as potential phishing campaigns against PyPI, to security@pypi.org.”
Phishing is both extremely difficult and extremely easy to defend against. In theory, just using common sense and thinking before clicking should suffice in most cases. However, just in case of a drop in focus, users are advised to use phishing-resistant 2FA such as hardware tokens.

Maintainers, on the other hand, should use a password manager which auto-fills based on domain name. If auto-fill isn’t working when it usually does, that is a huge red flag. Phishing-resistant 2FA is also recommended.
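The domain comparison that makes auto-fill a useful signal can be sketched as follows; this is an added example, not code from PyPI, the Python Software Foundation or the article. The allowlist containing only pypi.org, the `BRAND_TOKENS` watch-list, the function names and the sample message (including its URL paths) are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Assumption: the only domain treated as genuine here is pypi.org.
TRUSTED_DOMAINS = {"pypi.org"}
# Hypothetical watch-list: hosts containing these strings but not on the
# allowlist are reported as lookalikes.
BRAND_TOKENS = ("pypi",)

URL_RE = re.compile(r"https?://[^\s<>\"')]+", re.IGNORECASE)


def classify_host(host):
    """Return 'trusted', 'lookalike' or 'other' for a hostname."""
    host = (host or "").lower().rstrip(".")
    for domain in TRUSTED_DOMAINS:
        # Exact match or a true subdomain only; a substring match such as
        # "pypi.org.example.net" must not count as trusted.
        if host == domain or host.endswith("." + domain):
            return "trusted"
    if any(token in host for token in BRAND_TOKENS):
        return "lookalike"
    return "other"


def audit_links(text):
    """Classify every http(s) link found in a message body."""
    results = []
    for url in URL_RE.findall(text):
        # urlsplit().hostname drops userinfo ("name@") and the port, so a
        # URL written as "https://pypi.org@other-host/" resolves to other-host.
        host = urlsplit(url).hostname
        results.append((url, host, classify_host(host)))
    return results


# Constructed sample message; only the quoted wording and the domain
# pypi-mirror.org come from the article.
SAMPLE_EMAIL = """\
Please verify your address for account maintenance and security procedures:
https://pypi-mirror.org/account/verify
Docs: https://pypi.org/help/
Login: https://pypi.org@pypi-mirror.org/login
Status: https://pypi.org.example.net/status
"""

if __name__ == "__main__":
    for url, host, verdict in audit_links(SAMPLE_EMAIL):
        print(f"{verdict:10} {host:25} {url}")
```

Only the link whose hostname is exactly pypi.org (or a subdomain of it) is classified as trusted; the typosquatted host, the userinfo form and the prefix form are all reported as lookalikes.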
Via The Register

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.
