Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.
The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package ...
The compromised packages, linked to the Trivy breach, executed a three‑stage payload targeting AWS, GCP, Azure, Kubernetes ...
TeamPCP hackers compromised the Telnyx package on the Python Package Index today, uploading malicious versions that deliver ...
The official open source code repository for the Python programming language, the Python Package Index (PyPI), will require all user accounts to enable two-factor ...
Following a temporary suspension of all new users and package uploads, the Python Package Index (PyPI) repository is back up and running. Many noted that the culprit was the flooding of the site with ...
Awesome. Just when I was making headway on getting my organization to consider using the powerful open source data science and analysis tools in the Python ecosystem... This is why we can't have nice ...
A security firm found three malicious Python libraries uploaded on the official Python Package Index (PyPI) that contained a hidden backdoor which would activate when the libraries were installed on ...
Thousands of applications that have taken advantage of open source Python Package Index (PyPI) software packages may be at risk of hijacking and subversion by malicious actors, opening up the ...
Researchers have uncovered yet another supply chain attack targeting an open source code repository, showing that the technique, which has gained wide use in the past few years, isn’t going away any ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results