PyPI package with 1.1M monthly downloads hacked to push infostealer

An attacker pushed a malicious version of the popular elementary-data package Python Package Index (PyPI) to steal sensitive ...
InfoWorld

The Python AI library hack that didn’t hack Python

There are some critical takeaways from the Ultralytics AI Python library hack, but they're not the ones you might expect. Also, 10 tips for making Python faster and a look at uv—the all-in-one Python ...

Top open source PyPI package with over 1 million downloads each month hacked to send out malware

This was not a case of stolen credentials, but rather of vulnerability exploitation.
Hosted on MSN

Python tricks every cybersecurity pro should know

Python has emerged as a trusted ally for cybersecurity teams thanks to its ease of use, adaptability, and wide range of libraries. From building quick prototypes to automating repetitive checks, it ...
CSO Online

Critical flaw in Marimo Python notebook exploited within 10 hours of disclosure

A single unauthenticated connection gives attackers a full shell; credential theft observed in under three minutes on honeypot servers.
GitHub

cmd_state_interpret.py

def str_format(time, ID, MOSI, CMD, MISO, STATE): str_list = [time, ID, MOSI, CMD, MISO, STATE] ...
GitHub

python script(s) to comunicate with (very insecure) IP cams compatible with the Little Stars phone app

You may have purchased a very cheap IP cam from Alibaba or eBay and are frustrated to find that it doesn't have something simple like an RTP stream but instead asks ...