Telnyx joins LiteLLM in latest PyPI package poisoning tied to Trivy breach

The cybercrime crew linked to the Trivy supply-chain attack has struck again, this time pushing malicious Telnyx package versions to PyPI in an effort to plant credential-stealing malware on ...
Computing

Malicious Python packages found exfiltrating user data to Telegram bot

Researchers at security vendor Checkmarx have uncovered an operation, apparently based in Iraq, that uses malware hosted on the Python repository PyPI to search for files on the victim's device and ...

Major compromise of the telnyx PyPI library could put millions of users at risk

TeamPCP strikes again, with almost identical code to LiteLLM.
TechRadar

Software developers targeted by malware hidden in Python packages

When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works. Python developers working on Mac devices are being targeted by North Korean hackers once again ...
CoinTelegraph

Crypto-stealing malware discovered in Python Package Index — Checkmarx

According to cybersecurity firm Hacken, financial losses from crypto hacks topped $440 million in the third quarter of 2024. Researchers at the Checkmarx cybersecurity firm sounded the alarm on a ...
InfoWorld

Use UV to run Python packages and programs without installing

Astral's uv utility simplifies and speeds up working with Python virtual environments. But it has some other superpowers, too: it lets you run Python packages and programs without having to formally ...
InfoWorld

Software bill-of-materials docs eyed for Python packages

Python enhancement proposal would incorporate SBOM documents in Python packages as a way to improve dependency tracking and vulnerability analysis. Software bill-of-materials (SBOM) documents would be ...