Python

Cisco releases open-source toolkit for verifying AI model lineage

2026-04-30 at 16:02 By Mirko Zorz
Enterprises pulling models from Hugging Face and other open repositories rarely keep records of how those models are altered after download, leaving organizations with little ability to confirm what they are running in production. The State of AI Security 2026 […]

Bandit: Open-source tool designed to find security issues in Python code

2026-01-21 at 08:04 By Sinisa Markovic
Bandit is an open-source tool that scans Python source code for security issues that show up in everyday development. Many security teams and developers use it as a quick way to spot risky coding patterns early in the

Python Foundation rejects US government grant earmarked for security improvements

2025-10-29 at 14:23 By Zeljka Zorz
The Python Software Foundation (PSF) has rejected a $1.5 million government grant due to restrictive conditions that would force the foundation to betray its mission and its community, the programming non-profit announced on Monday. “In January 2025, the PSF

Protegrity Developer Edition: Free containerized Python package to secure AI pipelines

2025-10-03 at 09:39 By Help Net Security
Protegrity Developer Edition gives developers, data scientists, ML engineers, and security teams an easy way to add data protection into GenAI and unstructured data workflows, without the need for enterprise setup. Billed as the first enterprise-grade, governance-focused

Package hallucination: LLMs may deliver malicious code to careless devs

2025-04-14 at 15:46 By Zeljka Zorz
LLMs’ tendency to “hallucinate” code packages that don’t exist could become the basis for a new type of supply chain attack dubbed “slopsquatting” (courtesy of Seth Larson, Security Developer-in-Residence at the Python Software Foundation). A known occurrence Many software

PRevent: Open-source tool to detect malicious code in pull requests

2025-02-20 at 16:52 By Zeljka Zorz
Apiiro security researchers have released open source tools that can help organizations detect malicious code as part of their software development lifecycle: PRevent (a scanner for pull requests), and a malicious code detection ruleset for Semgrep and Opengrep static

Developers Targeted With Malware Disguised as DeepSeek Package

2025-02-04 at 14:03 By Eduard Kovacs
Python developers looking to integrate DeepSeek into their projects were targeted with malicious packages delivered through PyPI. This article is an excerpt from SecurityWeek.

DeepSeek’s popularity exploited to push malicious packages via PyPI

2025-02-03 at 15:33 By Zeljka Zorz
Two malicious packages leveraging the DeepSeek name have been published to the Python Package Index (PyPI) package repository, and in the 30 minutes or so they were up, they were downloaded 36 times. The malicious packages The attack started

Cryptocurrency Wallets Targeted via Python Packages Uploaded to PyPI

2024-10-02 at 15:46 By Ionut Arghire
Multiple Python packages referencing dependencies containing cryptocurrency-stealing code were published to PyPI. This article is an excerpt from the SecurityWeek RSS Feed.

PyRIT: Open-source framework to find risks in generative AI systems

2024-03-04 at 08:02 By Mirko Zorz
Python Risk Identification Tool (PyRIT) is Microsoft’s open-source automation framework that enables security professionals and machine learning engineers to find risks in generative AI systems. PyRIT has been battle-tested by Microsoft’s AI red team. It started as a collection

Vigil: Open-source LLM security scanner

29/11/2023 at 07:01 By Mirko Zorz
Vigil is an open-source security scanner that detects prompt injections, jailbreaks, and other potential threats to Large Language Models (LLMs). Prompt injection arises when an attacker successfully influences an LLM using specially designed inputs. This leads to the LLM unintentionally carrying out the objectives

Tatar-Language Users in the Crosshairs of Python Screenshotter

14/09/2023 at 20:17 By rohansinhacyblecom
Key Takeaways
• Cyble Research and Intelligence Labs (CRIL) came across Python malware capturing screenshots and sending them over FTP to remote attackers.
• Proofpoint has observed similar campaigns in the recent past targeting the United States and Germany, with the perpetrator tracked

Threat Actor Targets Russian Gaming Community With WannaCry-Imitator

13/06/2023 at 19:21 By cybleinc
CRIL analyzes WannaCry-Imitator Ransomware, a phishing gaming site targeting the Russian Gaming community. This article is an excerpt from Cyble.

CapCut Users Under Fire

19/05/2023 at 17:04 By cybleinc
CRIL has uncovered a phishing campaign that targets unsuspecting CapCut users, aiming to steal their sensitive information. This article is an excerpt from Cyble.

New KEKW Malware Variant Identified in PyPI Package Distribution

07/05/2023 at 18:24 By cybleinc
CRIL analyzes a new KEKW Malware variant with stealer & Clipper functionalities being distributed via PyPI Packages. This article is an excerpt from Cyble.