Python 3.15 introduces an immutable or ‘frozen’ dictionary that is useful in places ordinary dicts can’t be used.

Over 1,700 malicious packages since Jan 2025 fuel cross-ecosystem supply chain attacks, enabling espionage and financial ...

This is an experimental Python library for Anker Solix Power devices (Solarbank, Inverter, Smart Meter, Portable Power Stations etc). Poetry 2.1.0 or later is required for full support of the ...

The stcrestclient package provides the stchttp ReST API library module. This allows simple function calls, nearly identical to those provided by StcPython.py, to be used to access TestCenter server ...

The threat group's shift to speedy attacks on AWS, Azure, and SaaS instances shows organizations need to respond quickly to ...

TeamPCP is exploring ways to monetize the secrets harvested during supply chain attacks, with identified ties to the Lapsus$ ...

TeamPCP strikes again, with almost identical code to LiteLLM.

LangChain and LangGraph, two popular open source frameworks for building AI apps, contained high-severity and critical vulnerabilities which allowed threat actors to exfiltrate sensitive data from ...

LangChain and LangGraph have patched three high-severity and critical bugs.

TeamPCP, the threat actor behind the supply chain attack targeting Trivy, KICS, and litellm, has now compromised the telnyx Python package by pushing two malicious versions to steal sensitive data.

The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package on PyPI and claiming to have stolen data from hundreds of thousands of ...