NetKnights releases privacyIDEA 3.13 with enhanced passkey functionality and new web interface

The IT security company NetKnights has released version 3.13 of its multi-factor authentication software, privacyIDEA ...
TechJuice

Meta Suspends Work With $10 Billion AI Startup Mercor After Cyberattack

Meta pauses Mercor partnership after a major data breach raises concerns over exposure of sensitive AI training data.
The Next Web

Meta freezes AI data work after breach puts training secrets at risk

Meta has indefinitely paused work with $10B AI data startup Mercor after a LiteLLM supply chain attack exposed training ...

担心的事还是发生了,真有人给龙虾“投毒”

如果你最近在用OpenClaw跑Agent、装Skill,或者即便只是正常装了几个常见依赖,那你可得好好注意了! 今日,资深开发者Daniel Hnyk在社交平台X上紧急发文警告称:LiteLLM的PyPI官方发布版本1.82.8已被注入恶意代码,并着重强调“DONOTUPDATE”(请勿更新)。
新浪网

PyPI遭投毒!LiteLLM用户Python启动就中招,个人凭证秒泄露

最新上传的LiteLLM Python 版本1.82.7和1.82.8,已被人为恶意植入信息窃取程序。 一旦安装,SSH密钥、AWS凭证和API密钥等数据均会立即泄漏。 目前LiteLLM的维护者Krrish Dholakia,已经公开证实此事。 在恶意版本存在三小时后,PyPI迅速发现了这一漏洞,并将软件包隔离。

Tesla's former VP Andrej Karpathy shares AI coding 'horror', 'Python supply chain attack ...

Andrej Karpathy, the former Tesla AI director and OpenAI cofounder, is calling a recent Python package attack \"software horror\"—and the details are ge.
GitHub

PyPI GUI Package Manager

The PyPI GUI Package Manager is a simple and user-friendly graphical interface for managing Python packages from the Python Package Index (PyPI). It provides an intuitive way to search for packages, ...
Beebom

How to Install Pip on Windows

Recently, we wrote a detailed tutorial on how to build your own AI chatbot with ChatGPT API. And for that project, we used Python and Pip to run several essential ...
Bleeping Computer

PyPI urges users to reset credentials after new phishing attacks

The Python Software Foundation has warned victims of a new wave of phishing attacks using a fake Python Package Index (PyPI) website to reset credentials. Accessible at pypi.org, PyPI is the default ...