Hello everyone,
I am preparing a talk at pycon italy (Trust, but Verify: Reviewing Interviewer Python Code for Hidden Malware | PyCon Italia) around how to analyze and recognize potentially malicious packages in the context of job phishing scams. I was thinking of adding a slide that goes through what PyPi has done in 2025 (PyPI in 2025: A Year in Review - The Python Package Index Blog) and what are the plans in 2026 in regards to malware detection and response. I was wondering if there are any high level roadmap of what is planned for this year?
Thanks!