The Hacker News

Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account

Axios 1.14.1 and 0.30.4 injected malicious [email protected] after npm compromise on March 31, 2026, deploying ...
GitHub

heumsi/python-dependency-linter

contexts/boards/domain/models.py:6 [domain-isolation] contexts.boards.domain.models → contexts.boards.application.service (local) contexts/boards/domain/models.py:9 ...
CSO Online

PyPI warns developers after LiteLLM malware found stealing cloud and CI/CD credentials

The compromised packages, linked to the Trivy breach, executed a three‑stage payload targeting AWS, GCP, Azure, Kubernetes configs, SSH keys, and automation pipelines before being removed.
GitHub

Kajotte Studio: Terminal Colors

A professional, zero-dependency ANSI color encapsulation library for Python. Designed by Kajotte Studio for developers who value clean code and terminal aesthetics. This package provides a complete ...