Popular LiteLLM PyPI package backdoored to steal credentials, auth tokens

The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package ...
Hackaday

Wolverine Gives Your Python Scripts The Ability To Self-Heal

[BioBootloader] combined Python and a hefty dose of of AI for a fascinating proof of concept: self-healing Python scripts. He shows things working in a video, embedded below the break, but we’ll also ...
InfoWorld

The Python AI library hack that didn’t hack Python

There are some critical takeaways from the Ultralytics AI Python library hack, but they're not the ones you might expect. Also, 10 tips for making Python faster and a look at uv—the all-in-one Python ...
Indiatimes

Python-based worm hacking WhatsApp across devices in Brazil, what it tells about software development in South America

A sophisticated malware campaign is exploiting WhatsApp in Brazil to spread the Eternidade Stealer banking trojan. Attackers use social engineering and automated messages to steal financial ...
Hackaday

This Week In Security: Linux Flaws, Python Ownage, And A Botnet Shutdown

Qualys reports the discovery by their threat research unit of vulnerabilities in the Linux AppArmor system used by SUSE, Debian, Ubuntu, and ...
InfoWorld

3 takeaways from the Ultralytics AI Python library hack

When attackers compromised Ultralytics YOLO, a popular real-time object detection machine-learning package for Python, most assumed the Python Package Index, or PyPI, must be the point of failure.