A Sneaky Back Door Lets Hackers Into Your Home. Here’s How to Protect Yourself.

A few tips can help you steer clear of so-called residential proxy networks, which have been used to wreak havoc online ...
Security Boulevard

AI Infrastructure LiteLLM Supply Chain Poisoning Alert

Overview Recently, NSFOCUS Technology CERT detected that the GitHub community disclosed that there was a credential stealing program in the new version of LiteLLM. Analysis confirmed that it had ...
The Hacker News

TeamPCP Backdoors LiteLLM Versions 1.82.7–1.82.8 via Trivy CI/CD Compromise

Malicious LiteLLM 1.82.7–1.82.8 via Trivy compromise deploys backdoor and steals credentials, enabling Kubernetes-wide ...
SecurityWeek

From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...
Cybernews

Critical Python supply chain compromise: how library used by millions of AI developers got infected with malware

LiteLLM, a massively popular Python library, was compromised via a supply chain attack, resulting in the delivery of ...
InfoWorld

Speed boost your Python programs with new lazy imports

No more waiting on slow-loading modules or wasting time on ad hoc workarounds: Python 3.15’s new ‘lazy imports’ mechanism has ...

Popular LiteLLM PyPI package backdoored to steal credentials, auth tokens

The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package ...
GitHub

CleanNet — DPI Bypass Engine

A lightweight, single-file Python tool that bypasses ISP-level Deep Packet Inspection (DPI) by fragmenting TLS ClientHello packets. It runs entirely on your machine as a local HTTP proxy ...
GitHub

Async proxy scraper and checker

python proxyz.py -s -c -p [protocol] -i [input] -o [output] -w [workers] -t [timeout] -u [check URL] [-s, --scrape] Scrape proxies - arguments: -p, -o (required) -c ...
The Hacker News

Fake Python Spellchecker Packages on PyPI Delivered Hidden Remote Access Trojan

Cybersecurity researchers have discovered two malicious packages in the Python Package Index (PyPI) repository that masquerade as spellcheckers but contain functionality to deliver a remote access ...
Bleeping Computer

GreyNoise launches free scanner to check if you're part of a botnet

GreyNoise Labs has launched a free tool called GreyNoise IP Check that lets users check if their IP address has been observed in malicious scanning operations, like botnet and residential proxy ...