Popular LiteLLM PyPI package backdoored to steal credentials, auth tokens

The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package ...
InfoWorld

3 takeaways from the Ultralytics AI Python library hack

When attackers compromised Ultralytics YOLO, a popular real-time object detection machine-learning package for Python, most assumed the Python Package Index, or PyPI, must be the point of failure.
Ars Technica

Threat or menace? “Autosploit” tool sparks fears of empowered “script kiddies”

The tools used by security researchers, penetration testers, and “red teams” often spark controversy because they package together, and automate, attacks to a degree that make some uncomfortable—and ...
Hackaday

Python And The Internet Of Things Hack Chat

Join us Wednesday at noon Pacific time for the Python and the Internet of Things Hack Chat! Opinions differ about what the most-used programming language in right now is, but it’s hard to deny both ...