TechRepublic

350,000 open source projects at risk from Python vulnerability

Fifteen-year-old N-day Python tarfile module vulnerability puts software supply chain under the microscope. Cybersecurity company Trellix announced Wednesday that a known Python vulnerability puts 350 ...
Ars Technica

OpenAI is acquiring open source Python tool-maker Astral

OpenAI announced Thursday that it has entered into an agreement to acquire Astral, the company behind popular open source Python development tools such as uv, Ruff, and ty, and integrate the company ...
Computer Weekly

15-year-old Python bug present in 350,000 open source projects

A 15-year-old vulnerability in the open source Python programming language is still finding its way into live code, with the result that over 350,000 projects are at risk of potential supply chain ...