For the 2nd time in weeks, Microsoft packages laced with credential stealer

Dozens of cryptographically verified open source packages from Microsoft were compromised late last week to add advanced credential-stealing code that was triggered when developers opened them in AI ...
Dark Reading

'Hades' Campaign Against PyPI Puts New Spin on Shai-Hulud

Threat actors have struck the software supply chain yet again, this time hitting the Python Package Index (PyPI) with Mini Shai-Hulud in an attempt to spread poisoned code. In the latest campaign, ...
GitHub

PyPRT - Python Bindings for CityEngine SDK

PyPRT provides a Python binding for the CityEngine Procedural RunTime (PRT). This enables the execution of CityEngine CGA rules within Python. PyPRT allows to easily and efficiently generate 3D ...
How-To Geek on MSN

How to create professional-looking plots in Python

Use Python to make your data visualizations stand out.
The Hacker News

Hades PyPI Attack: 19 Packages Poisoned to Auto-Run Bun Credential Stealer

The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel ...

Chinese APT deploys new malware to keep access to hacked networks

A Chinese espionage group tracked as UNC5221 has been accessing Microsoft 365 environments using the Brickstorm backdoor and ...
InfoWorld

Pyrefly 1.0: A fast, forward-looking Python linter

Meta’s Rust-powered linter and type checker for Python pairs blazing speed with advanced and innovative features.