The Hacker News

TeamPCP Backdoors LiteLLM Versions 1.82.7–1.82.8 via Trivy CI/CD Compromise

Malicious LiteLLM 1.82.7–1.82.8 via Trivy compromise deploys backdoor and steals credentials, enabling Kubernetes-wide ...
SecurityWeek

From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...
Infosecurity Magazine

TeamPCP Expands Supply Chain Campaign With LiteLLM PyPI Compromise

Researchers attributed the compromise to TeamPCP, the same threat group linked to the aforementioned Trivy compromise and ...
XDA Developers on MSN

A popular Python library just became a backdoor to your entire machine

Supply chain attacks feel like they're becoming more and more common.

Python scales host microstructures that block bacterial biofilms—revealing potential for antimicrobial materials

Materials inspired by nature, or biomimetic materials, are nothing new. Scientists have designed water-resistant materials ...

OpenAI acquires open-source Python tooling startup Astral

OpenAI Group PBC today announced plans to acquire Astral Software Inc., a startup with a set of widely used Python ...
Ars Technica

OpenAI is acquiring open source Python tool-maker Astral

Seriously? Astral's tools aren't even AI-focused, and now they're tied to a company that's losing money hand over fist? Click to expand... I'm guessing that a fair amount of stuff around AI (be it ...

I tried Zenclora, a hyper-fast Linux distro with no bloat - and one truly standout feature

I tried Zenclora, a hyper-fast Linux distro with no bloat - and one truly standout feature ...
The Hacker News

Malicious PyPI Package Impersonates SymPy, Deploys XMRig Miner on Linux Hosts

A new malicious package discovered in the Python Package Index (PyPI) has been found to impersonate a popular library for symbolic mathematics to deploy malicious payloads, including a cryptocurrency ...
Visual Studio Magazine

Aspire 13 Makes Python a First-Class Workload with .NET and JavaScript

Microsoft has added official Python support to Aspire 13, expanding the platform beyond .NET and JavaScript for building and running distributed apps. Documented today in a Microsoft DevBlogs post, ...
New York Post

Cheryl Hines joins Melania Trump and Usha Vance for military care packages in sweet scene

First lady Melania Trump teamed up with second lady Usha Vance to greet military families at Joint Base Andrews and create holiday care packages for service members to mark the start of the Christmas ...
Fort Morgan Times

Holiday Care and Toy Drive to create care packages for Morgan County families in need

The Giving Room Project is a joint project of Fosters Love Community Closet & Support and Mystical’s Menagerie, LLC, dedicated to helping families and households in need during the winter and holiday ...