Infosecurity Magazine

TeamPCP Targets Telnyx Package in Latest PyPI Software Supply Chain Attack

Socket and Endor Labs discovered a new TeamPCP campaign leading to the delivery of credential-stealing malware ...
OfficeChai

LiteLLM Attack: How a Hacked Security Tool Became a Master Key to Thousands of AI Developer ...

On the morning of March 24, 2026, tens of thousands of software developers working on AI applications were unknowingly exposed to malware.
Bleeping Computer

Popular LiteLLM PyPI package backdoored to steal credentials, auth tokens

The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package on PyPI and claiming to have stolen data from hundreds of thousands of ...
The Hacker News

Legacy Python Bootstrap Scripts Create Domain-Takeover Risk in Multiple PyPI Packages

Cybersecurity researchers have discovered vulnerable code in legacy Python packages that could potentially pave the way for a supply chain compromise on the Python Package Index (PyPI) via a domain ...
The Hacker News

SilentSync RAT Delivered via Two Malicious PyPI Packages Targeting Python Developers

Cybersecurity researchers have discovered two new malicious packages in the Python Package Index (PyPI) repository that are designed to deliver a remote access trojan called SilentSync on Windows ...
International Monetary Fund

A Python Package to Assist Macroframework Forecasting: Concepts and Examples

In forecasting economic time series, statistical models often need to be complemented with a process to impose various constraints in a smooth manner. Systematically imposing constraints and retaining ...
tech2geek

How to Install Python Packages with pip (Beginner to Advanced Guide)

Python developers often need to install and manage third-party libraries. The most reliable way to do this is with pip, Python’s official package manager. To avoid package conflicts and system errors, ...
bitnewsbot

Malicious PyPI Packages Uncovered: Supply Chain Risk for Python

Cybersecurity researchers have found harmful software in the official Python Package Index (PyPI) and npm package repositories, putting software supply chains at risk. The packages, called termncolor ...
blockchain

NVIDIA Introduces Wheel Variants to Simplify CUDA-Accelerated Python Package Deployment

NVIDIA launches Wheel Variants to streamline CUDA-accelerated Python package installation, addressing compatibility challenges and optimizing user experience across diverse hardware setups. NVIDIA has ...
GitHub

Experimental Wheels for Python for Windows on ARM64

This repository provides experimental binary wheels for open-source extension packages for Python for Windows on ARM64. The files are experimental (meaning: unofficial, informal, unrecognized, ...
Bleeping Computer

Hackers target Python devs in phishing attacks using fake PyPI site

The Python Software Foundation warned users this week that threat actors are trying to steal their credentials in phishing attacks using a fake Python Package Index (PyPI) website. PyPI is a ...