April 2026 TIOBE Index shows Python still leading, C strengthening in second, and Rust sliding to #16, suggesting its climb ...

OpenAI revoked its macOS signing certificate after a malicious Axios dependency incident on March 31, 2026, preventing ...

FEATURE Two supply chain attacks in March infected open source tools with malware and used this access to steal secrets from ...

TeamPCP is exploring ways to monetize the secrets harvested during supply chain attacks, with identified ties to the Lapsus$ ...

Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.

LiteLLM, a massively popular Python library used by AI developers, was compromised to deliver a mass credential harvesting malware, sending shockwaves across the industry. The “software horror” spread ...

The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package on PyPI and claiming to have stolen data from hundreds of thousands of ...

LEAP is a general purpose Evolutionary Computation package that combines readable and easy-to-use syntax for search and optimization algorithms with powerful distribution and visualization features.

OpenAI announced Thursday that it has entered into an agreement to acquire Astral, the company behind popular open source Python development tools such as uv, Ruff, and ty, and integrate the company ...

MediaComp is a free and open-source multimedia library for Python 3 which enables the easy manipulation of images and sounds. It utilizes popular libraries to provide an abstraction of manipulating ...

Hundreds of GitHub accounts were accessed using credentials stolen in the VS Code GlassWorm campaign. Threat actors have been abusing credentials stolen in the VS Code GlassWorm campaign to hack ...