Cybernews

Critical Python supply chain compromise: how library used by millions of AI developers got infected with malware

LiteLLM, a massively popular Python library, was compromised via a supply chain attack, resulting in the delivery of ...

Popular LiteLLM PyPI package backdoored to steal credentials, auth tokens

The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package ...
Analytics Insight

How AI Is Reshaping the Way Python Developers Write and Secure Code

Python is now one of the fastest-growing programming languages being used globally and supports machine-learning-based ...
CIOL

Anthropic Backs Python Security With $1.5 Million PSF Partnership

Anthropic has committed $1.5 million to the Python Software Foundation (PSF) under a two-year partnership aimed at strengthening security across Python’s core infrastructure and package ecosystem. The ...
Hackaday

This Week In Security: Linux Flaws, Python Ownage, And A Botnet Shutdown

Qualys reports the discovery by their threat research unit of vulnerabilities in the Linux AppArmor system used by SUSE, Debian, Ubuntu, and ...
Bleeping Computer

Python Package Installation Can Trigger Malicious Code

Although there is nothing special about code executing on a machine, the moment when this code is executed is a significant detail from a security standpoint. The Python programming language allows ...
SiliconRepublic

The security flaw that Python developers should be aware of

Security firm Checkmarx found that one in three software packages from PyPI contains a flaw that can lead to malicious code being automatically installed. Many software packages from the Python ...
Dark Reading

Continued Use of Python 2 Will Heighten Security Risks

Nearly five months after the Python Software Foundation finally ended support for the Python 2 programming language, many developers are continuing to use it, heightening security risks for their ...