SecurityWeek

From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB of data.
CSO Online

PyPI warns developers after LiteLLM malware found stealing cloud and CI/CD credentials

The compromised packages, linked to the Trivy breach, executed a three‑stage payload targeting AWS, GCP, Azure, Kubernetes configs, SSH keys, and automation pipelines before being removed.

Popular LiteLLM PyPI package backdoored to steal credentials, auth tokens

The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package on PyPI and claiming to have stolen data from hundreds of thousands of ...
GitHub

SSH Paste Image for Claude

Paste clipboard images into Claude Code (or any CLI) running over SSH. If you develop on a remote server and use Claude Code via SSH, you've hit this problem: you can't paste images into the CLI ...
GitHub

Computational Methods for Economists using Python, by Richard W. Evans

This repository contains the source material, code, and data for the book, Computational Methods for Economists using Python, by Richard W. Evans (2023). This book is freely available online as an ...