🐍 uv - kilpat · Scour

Vulnerability and malware checks in uv

🐍Python Blog

astral.sh··Lobsters, Hacker News, Hacker News

Shai-Hulud Hades PyPI Campaign: 19 Packages Trojanized via Wheel Startup Hooks

🐍Python Blog

I Replaced Our Commercial Artifact Registry With a Free One After a 5× Renewal Price Hike.

🐍Python Blog

·

Glone: A CLI to back up all your GitHub repositories

🐍Python Code

github.com··Hacker News

Shai-Hulud Descends to Hades: Miasma Worm Campaign Spreads with New PyPI Wave

🐍Python Blog

Massive PyPI Supply Chain Attack Harvests Cloud Credentials via Python Startup Hooks

orca.security·

What’s up Python? Pip supports locking, .pth files deprecated

🐍Python News

debsecan-mcp v0.1.2 released to PyPI

🐍Python Blog

Shai-Hulud copycat campaign targets Python developers through PyPI typosquatting

🐍Python Blog

about.gitlab.com·

Hades PyPI Malware: Miasma Campaign Exploits .pth Startup Hooks

sh.itjust.works·

Over 100 NPM, PyPI Packages Hit in New Shai-Hulud Supply Chain Attacks

securityweek.com·

New Shai-Hulud attack trojanizes 19 science-focused PyPI packages

🐍Python News

bleepingcomputer.com·

Less-relevant results

Nuts – pip/NPM for Java with first-class workspaces and JDK provisioning (9y+)

🗄️Databases Code

github.com··Hacker News, Hacker News

Deploying Foundry Hosted Agents from Source Code

techcommunity.microsoft.com

·

Hades PyPI Attack: 19 Packages Poisoned to Auto-Run Bun Credential Stealer

thehackernews.com·

Slixmpp 1.16.0 – XMPP/Jabber Library for Python – SleekXMPP

🐍Python Blog

blog.mathieui.net··Hacker News

Pyodide 314.0: Python packages can now publish WebAssembly wheels to PyPI

🐍Python Blog

blog.pyodide.org··Hacker News

Release v0.2.90 · anthropics/claude-agent-sdk-python

🐍Python Code

Linux Kernel 0-Day 🐧, Hades PyPI Worm 🐍, Anthropic Fable 5 🪄

someone actually leaked the Miasma supply chain attack toolkit source code on github

safedep.io··Hacker News, r/programming

Log in to enable infinite scrolling