New Infinity Stealer malware grabs macOS data via ClickFix lures
A new info-stealing malware named Infinity Stealer is targeting macOS systems with a Python payload packaged as an executable using the open-source Nuitka compiler. [...]
Python is a programming language whose libraries, runtimes, and dependencies can introduce vulnerabilities into software and security tooling.
Search across headline titles and summaries.
Background for this topic.
Python is a high-level, general-purpose programming language used for applications, automation, data processing, and security tooling. Its reference implementation, CPython, includes a standard library, while third-party packages extend the language for web services, networking, and system administration. Python’s broad deployment means vulnerabilities can affect both the interpreter and widely used libraries.
Security concerns include flaws in Python or dependencies, malicious or compromised packages introduced through typosquatting or dependency confusion, and unsafe application behavior. For example, deserializing untrusted data with pickle, evaluating untrusted expressions with eval, or constructing shell commands from unchecked input can enable code execution. Practitioners should inventory transitive dependencies, pin and review versions, use trusted package sources and integrity checks, apply security updates, and run services with least privilege. Python is also commonly used to automate scanning, analysis, and response, so those scripts require the same access control, code review, and secret-handling discipline as other production software.
A new info-stealing malware named Infinity Stealer is targeting macOS systems with a Python payload packaged as an executable using the open-source Nuitka compiler. [...]
TeamPCP hackers compromised the Telnyx package on the Python Package Index today, uploading malicious versions that deliver credential-stealing malware hidden inside a WAV file. [...]
TeamPCP, the threat actor behind the supply chain attack targeting Trivy, KICS, and litellm, has now compromised the telnyx Python package by pushing two malicious versions to steal sensitive data
Python package LiteLLM compromised with credential-stealing malware linked to TeamPCP threat group
The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package on PyPI and claiming to have stolen data from hundreds of thousands of devices during the attack. [...]
Python interface for LLMs infected with malware via polluted CI/CD pipeline Two versions of LiteLLM, an open source interface for accessing multiple large language models, have been removed from the Python Package Index (PyPI) following a supply chain attack that injected them with malicious credential-stealing code.…
TeamPCP, the threat actor behind the recent compromises of Trivy and KICS, has now compromised a popular Python package named litellm, pushing two malicious versions containing a credential harvester, a Kubernetes lateral movement toolkit, and a persistent backdoor