The Hacker News

ThreatsDay Bulletin: Claude Chat Abuse, NastyC2 npm Packages, Device-Code Phishing + 25 More Stories

ThreatsDay Bulletin covers AI abuse, poisoned packages, phishing, macOS attacks, SD-WAN flaws, scams, and supply-chain ...
Meduza

Russia’s federal censor denies blocking Python’s package index as developers scramble for workarounds

On Monday, Russian users found they could no longer reach PyPI, the package repository that Python developers rely on for ...
Hosted on MSN

A popular Python library just became a backdoor to your entire machine

If you work with AI APIs and local LLMs, there's a good chance you've at least heard of LiteLLM. It's one of the most popular Python libraries for interacting with large language models, offering a ...
InfoWorld

PyPI warns developers after LiteLLM malware found stealing cloud and CI/CD credentials

The compromised packages, linked to the Trivy breach, executed a three‑stage payload targeting AWS, GCP, Azure, Kubernetes configs, SSH keys, and automation pipelines before being removed. PyPI is ...
IEEE

A Novel Framework for Automatic Generation of Dynamic Visualizations from Python Code in Data Analysis

Abstract: Existing data visualization tools predominantly rely on manual development or traditional software solutions to translate raw data into meaningful visual representations. However, these ...
GitHub

AES encryption in Python, PHP, C#, Java, C++, F#, Ruby, Scala, Node.js

The goal of this project is to provide simple, portable and compatible code (data encrypted in Python can be decrypted in PHP, and so on). The encryption algorithm used is AES in CBC and CFB mode.
CSOonline

Vibe-coded ransomware proof-of-concept ended up on Microsoft’s marketplace

A suspicious Visual Studio Code extension with file-encrypting and data-stealing behavior successfully bypassed marketplace review and entered the developer ecosystem. In a suspected test effort, ...
Analytics Insight

Top 10 Python Libraries for Cybersecurity in 2025

Python libraries simplify testing networks and detecting vulnerabilities in systems. Tools like YARA and Pymetasploit3 help identify malware and security weaknesses. Encryption and AI-focused ...
The Hacker News

⚡ Weekly Recap: VPN 0-Day, Encryption Backdoor, AI Malware, macOS Flaw, ATM Hack & More

Malware isn’t just trying to hide anymore—it’s trying to belong. We’re seeing code that talks like us, logs like us, even documents itself like a helpful teammate. Some threats now look more like ...