Popular LiteLLM PyPI package backdoored to steal credentials, auth tokens

The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package ...
Infosecurity Magazine

TeamPCP Expands Supply Chain Campaign With LiteLLM PyPI Compromise

Researchers attributed the compromise to TeamPCP, the same threat group linked to the aforementioned Trivy compromise and ...
Analytics Insight

How AI Is Reshaping the Way Python Developers Write and Secure Code

Python is now one of the fastest-growing programming languages being used globally and supports machine-learning-based ...
CIOL

Anthropic Backs Python Security With $1.5 Million PSF Partnership

Anthropic has committed $1.5 million to the Python Software Foundation (PSF) under a two-year partnership aimed at strengthening security across Python’s core infrastructure and package ecosystem. The ...
Hackaday

This Week In Security: Linux Flaws, Python Ownage, And A Botnet Shutdown

Qualys reports the discovery by their threat research unit of vulnerabilities in the Linux AppArmor system used by SUSE, Debian, Ubuntu, and ...
Dark Reading

Continued Use of Python 2 Will Heighten Security Risks

Nearly five months after the Python Software Foundation finally ended support for the Python 2 programming language, many developers are continuing to use it, heightening security risks for their ...
TechRepublic

Old Python package comes back to life and delivers malicious payload

Old Python package comes back to life and delivers malicious payload Your email has been sent A recently spotted supply chain attack abused an old but legitimate Python package to deliver a malicious ...
ZDNet

Python programming: PyPl is rolling out 2FA for critical projects, giving away 4,000 security keys

PyPI or the Python Package Index is giving away 4,000 Google Titan security keys as part of its move to mandatory two-factor authentication (2FA) for critical projects built in the Python programming ...