#
Hashtag
#pythonsecurity
Backdoored Telnyx PyPI package pushes malware hidden in WAV audio TeamPCP compromised the official Telnyx PyPI package by publishing backdoored versions 4.87.1 and 4.87.2 that install credential‑stealing malware hidden via steganography in WAV files and deploy second‑stage payloads to exfiltrate SSH keys, cloud tokens, wallets, and other secrets. Researchers (Aikido, Socket, Endor Labs) attribute the supply‑chain attack to TeamPCP, advise rolling back to Telnyx 4.87.0, treating any importer as fully compromised, and rotating all secrets immediately. #TeamPCP #Telnyx

TeamPCP compromised Telnyx PyPI releases 4.87.1 & 4.87.2 with backdoored versions that install credential-stealing malware hidden in WAV files via steganography, exfiltrating SSH keys, cloud tokens, and wallets. #SupplyChain #PythonSecurity #USA

An AI gateway designed to steal your data In March 2026 attackers trojanized the popular Python library LiteLLM by uploading malicious versions to PyPI and OpenVSX that executed Base64-encoded payloads to collect secrets and deploy further stages. The malware harvested local files and cloud runtime credentials (including AWS IMDS), sought crypto wallets, established persistence locally and in Kubernetes, and exfiltrated encrypted archives to a remote C2. #LiteLLM #Checkmarx

In March 2026, attackers trojanized LiteLLM Python packages on PyPI, deploying Base64-encoded payloads to steal local files, cloud credentials, and crypto wallets, using .pth persistence in Kubernetes environments. #LiteLLM #PythonSecurity #USA

TeamPCP Backdoors LiteLLM Versions 1.82.7–1.82.8 Likely via Trivy CI/CD Compromise TeamPCP has compromised the popular Python package litellm, publishing backdoored versions 1.82.7 and 1.82.8 on PyPI that include a credential harvester, a Kubernetes lateral-movement toolkit, and a persistent systemd backdoor. The malicious code executes automatically via an import-time injection and a .pth autorun, exfiltrates harvested data to models.litellm[.]cloud as "tpcp.tar.gz", and...

TeamPCP backdoored litellm Python package versions 1.82.7 and 1.82.8 via a likely Trivy CI/CD compromise. Malicious code harvests credentials, enables Kubernetes lateral movement, and installs a persistent systemd backdoor. #SupplyChain #PythonSecurity

Vibe Coding Security Flaws Ship Shells, Keys, and Admin Access AI coding assistants hallucinate nonexistent package names that can be pre-registered on PyPI to deliver malicious install hooks and gain shell access. Combined with AI-generated hardcoded credentials and missing authentication checks, these issues can chain into full compromises of infrastructure and applications; implement dependency verification, secrets scanning, and auth middleware as a kill switch. #PyPI #AWS

AI coding assistants hallucinate fake PyPI package names that attackers can pre-register to deliver malicious hooks and gain shell access. Combined with hardcoded creds and missing auth, this risks full infra takeover. #DependencyAttack #PythonSecurity

CVE-2026-27641: CWE-1336: Improper Neutralization of Special Elements Used in a CVE-2026-27641 is a critical security vulnerability identified in the flask-reuploaded Python package, versions prior to 1.5.0. Flask-Reuploaded is a Flask extension that facilitates file uploads in web applications. The vulnerability is cl

CRITICAL: flask-reuploaded < 1.5.0 allows unauthenticated RCE via SSTI (CVSS 9.8). Upgrade to 1.5.0+ & avoid user input in file names ASAP. Full details: radar.offseq.com/threat/cve-2026-27641-cw... #OffSeq #CVE202627641 #PythonSecurity

How Python's Security Response Team Keeps Python Users Safe - Slashdot This week the Python Software Foundation explained how they keep Python secure. A new blog post recognizes the volunteers and paid Python Software Foundation staff on the Python Security Response Team (PSRT), who "triage and coordinate vulnerability reports and remediations keeping all Python users...

How Python's Security Response Team Keeps Python Users Safe #Technology #Cybersecurity #PythonSecurity #UserSafety #CyberThreats

developers.slashdot.org/story/26/02/21/064205/ho...


Fake PyPI Packages Spread Remote Trojan
Read More: buff.ly/gEm6AwJ

#PyPI #SupplyChainAttack #PythonSecurity #OpenSource #Malware #DevSecOps #SoftwareSecurity #Infosec

BaseFortify CVE report screenshot showing CVSS score, severity, and mitigation guidance for CVE-2025-69228.

⚠️ Why this matters:

If your AIOHTTP app processes POST data with Request.post, attackers can send oversized multipart payloads to exhaust memory and freeze the service.

Mitigation:
• Upgrade to 3.13.3
• Enforce request size limits
• Avoid unbounded POST parsing

#AppSec #PythonSecurity #DoSAttack

Security threat visualization

CRITICAL: DeepDiff (5.0.0–8.6.0) lets attackers run code via Pickle deserialization. Patch to 8.6.1+ now or block untrusted input! Details: radar.offseq.com/threat/cve-2025-58367-cw... #OffSeq #PythonSecurity #RCE


Mashers exploit Python's eval() and exec() functions using advanced obfuscation techniques. Learn how to protect your applications. #PotatoSecurity #PythonSecurity #CodeSafety Link: thedailytechfeed.com/exploiting-p...


Hackers exploit Python's eval() and exec() functions using advanced obfuscation techniques. Learn how to protect your applications. #CyberSecurity #PythonSecurity #CodeSafety Link: thedailytechfeed.com/exploiting-p...


Python remains a go-to for reverse engineering and embedded defence.

Catch up on our latest webinar where we explore how Python supports firmware security workflows.

🎥 Watch here: youtu.be/VlAOYtHk8OA

#PythonSecurity #ReverseEngineering #FirmwareAnalysis #Cybersecurity

Protecting Python Applications: Safeguard Your IP

🕑 Happening today at 2PM UK | 3PM CEST

Protect your Python code before it’s too late.

Join us for a live webinar on real-world attacks and how Emproof Nyx secures your IP.

🔗 shorturl.at/7JJ3s

#PythonSecurity #IPProtection #Cybersecurity


Last chance to register!

Join Philipp & Nils tomorrow 2PM UK | 3PM CEST to learn how Python apps get reverse engineered and how Emproof Nyx stops it.

Live demo included!

🔗 shorturl.at/TDHRE

#PythonSecurity #IPProtection #Cybersecurity

Critical Python 3 Security Update: Patch 6 High-Risk Vulnerabilities (CVE-2024-12718 to CVE-2025-6069) Blog with news about Linux, Android, security, etc.

Breaking: Python 3 security update fixes 6 flaws, including a worst-case quadratic complexity attack (CVE-2025-6069). Detailed exploit analysis:
Read more: 👉 tinyurl.com/tzp3yeu8
#PythonSecurity #Linux

Protecting Python Applications: Safeguard Your IP

🐍 Protect your Python IP

Python is powerful but easy to reverse engineer.

Join Philipp & Nils on July 30, 2PM UK to learn how to defend your code with Emproof Nyx.

🔗 tinyurl.com/yaj8tmst

#PythonSecurity #Cybersecurity #ReverseEngineering #IPProtection

Carding Tool Abusing the WooCommerce API Downloaded 34,000 Times on PyPI - CIBERNINJAS A newly discovered malicious package on PyPI, named 'disgrasya', that abuses legitimate WooCommerce stores to validate stolen credit cards,

🛍️ Carding Tool Abusing the WooCommerce API Downloaded 34,000 Times on PyPI ciberninjas.com/herramienta-...

#Carding #WooCommerce #PyPI #FraudeOnline #Ecommerce #APIAbuse #Malware #PythonSecurity #Ciberseguridad #DarkWeb

Khal4n1

🔒 Day 7 of 10-Days of Learning dives into Anti-Analysis & Anti-Debugging Techniques
🕵️‍♂️ Code obfuscation, anti-debugging, & anti-disassembly.
Read more: khal4n1.blogspot.com/2025/01/10-d...
#cybersecurity #ethicalhacking #hackingwithpython #learnpython #malwareanalysis #pythonforhackers #pythonsecurity
