PyPI has implemented new measures to protect against domain resurrection attacks that could allow attackers to hijack accounts through expired domains linked to email addresses. By monitoring the lifecycle of these domains, PyPI can unverify email addresses that are no longer active, significantly reducing the risk of supply-chain attacks. Users are advised to add backup emails and enable two-factor authentication for added security.