Popular LiteLLM PyPI package backdoored to steal credentials, auth tokens

The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package ...

Telnyx joins LiteLLM in latest PyPI package poisoning tied to Trivy breach

The cybercrime crew linked to the Trivy supply-chain attack has struck again, this time pushing malicious Telnyx package ...
Infosecurity Magazine

TeamPCP Targets Telnyx Package in Latest PyPI Software Supply Chain Attack

Socket and Endor Labs discovered a new TeamPCP campaign leading to the delivery of credential-stealing malware ...

Backdoored Telnyx PyPI package pushes malware hidden in WAV audio

TeamPCP hackers compromised the Telnyx package on the Python Package Index today, uploading malicious versions that deliver ...
InfoWorld

Python virtualenv and venv dos and don’ts

Python virtual environments shine for keeping projects and conflicting packages separate. Just keep these dos and don’ts in mind. One of Python’s biggest draws is its expansive ecosystem of ...
XDA Developers on MSN

A popular Python library just became a backdoor to your entire machine

Supply chain attacks feel like they're becoming more and more common.
Security Boulevard

Compromised litellm PyPI Package Delivers Multi-Stage Credential Stealer

This morning, the widely used Python package litellm, a popular abstraction layer for interacting with large language models ...
Arabian Post

Telnyx package breach jolts Python supply chains

Security teams are scrambling after two malicious releases of the Telnyx Python SDK were uploaded to PyPI on March 27, turning a widely used developer tool into a credential-stealing backdoor that ...
InfoWorld

PyCrucible: An easy way to redistribute your Python apps

One of Python’s most persistent limitations is how unnecessarily difficult it is to take a Python program and give it to another user as a self-contained click-to-run package. The design of the Python ...