InfoWorld

Critical flaw in Marimo Python notebook exploited within 10 hours of disclosure

The CVSS‑9.3 vulnerability allows unauthenticated remote code execution on exposed Marimo servers and was exploited in the wild shortly after disclosure, Sysdig says.
Analytics Insight

Best Python Libraries to Speed Up Automation in 2026

Overview Modern Python automation now relies on fast tools like Polars and Ruff, which help cut down processing time and ...
Hackaday

This Week In Security: The Supply Chain Has Problems

The biggest story of the week is a new massive supply chain breach, which appears to be unrelated to the previous massive supply chain breaches, this time of the Axios HTTP project. Axios was ...
GitHub

Daniel Chin Python Alt stdlib

My wide toolbox of various utils. All are useful. Many are re-invented wheels. Some are unique features that my other projects depend on. A lot of the scripts include tests and demos. You can find ...
cybernews

Critical Python supply chain compromise: how library used by millions of AI developers got infected with malware

LiteLLM, a massively popular Python library used by AI developers, was compromised to deliver a mass credential harvesting malware, sending shockwaves across the industry. The “software horror” spread ...
GitHub

GPPU — General Purpose Python Utilities

YAML-driven configuration with !include, colored structured logging, type coercion, deep dict access, YAML/JSON I/O, template population, time helpers, OS detection, async-to-sync, multi-backend ...
Bleeping Computer

Popular LiteLLM PyPI package backdoored to steal credentials, auth tokens

The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package on PyPI and claiming to have stolen data from hundreds of thousands of ...