Trivy’s GitHub Actions were breached via 75 force-pushed tags, injecting a Python infostealer that exfiltrates CI/CD secrets and developer tokens. Attack linked to hackerbot-claw and TeamPCP. #DevOpsSecurity #GitHubAttack #TeamPCP ➡️ https://ift.tt/siJCFS4
Trivy GitHub Actions Breach Exposes Dev Secrets
More Relevant Posts
TeamPCP backdoored litellm Python package versions 1.82.7 and 1.82.8 via a likely Trivy CI/CD compromise. Malicious code harvests credentials, enables Kubernetes lateral movement, and installs a persistent systemd backdoor. #SupplyChain #PythonSecurity ➡️ https://ift.tt/hcY8Ck2
CanisterWorm campaign compromises 29+ npm packages across @emilgroup and @teale.io namespaces, deploying a Python backdoor that fetches second-stage payloads via ICP canisters. Uses npm tokens and postinstall hooks. #SupplyChain #NPMAttack ➡️ https://ift.tt/9HlP5GN
CVE-2026-33017 is an unauthenticated remote code execution flaw in Langflow’s public flow build endpoint, exploited within 20 hours to run arbitrary Python and steal credentials via multi-stage attacks. #Langflow #RemoteCode #Exploit2026 ➡️ https://ift.tt/Rkc8mxl
LiteLLM [compromised] - Python library and proxy server that makes applications LLM-agnostic - Was a catchy phrase that I thought was going to help with model switching efficiently instead of custom code... until... it was found out that it contains litellm_init.pth with base64-encoded instructions to send all the credentials it can find to a remote server + self-replicate!! Another reason why you don't want to just blindly follow the "Agent" hype with a flashy site, pip install and use it in prod. https://lnkd.in/g5NDyj8C
winzy whitelist v.0.1.0 released. I have finally released this tool today, despite having updated it some time ago. Better late than never! This tool converts Python-created executables into equivalent batch scripts. This is useful because some organizations prohibit the use of executables, even those created by Python; this plugin allows you to create a compatible batch file instead. Usage: Let's say winzy.exe created by…...
🚀 Shemul v1.0.1 is live from March 20, 2026 Your favorite project-aware CLI for Python just got smoother ⚙️ Organize all your repetitive commands in one place with shemul.json and run them with a clean, simple CLI 💻✨ No more messy scripts. No more forgotten commands. 📦 Install / Update: 👉 https://lnkd.in/gXhn-iSE 🌐 Learn more: 👉 https://lnkd.in/g58VTVDv #Shemul #Python #CLI #DevTools #OpenSource #Automation #STechBD
claudekit added to PyPI. Created by Clyde C. Why It Matters: The addition of claudekit to PyPI is a significant development in the Python community, particularly for developers working with the Anthropic ecosystem. This toolkit provides a production-grade wrapper around the entire Anthropic ecosystem, making it easier for developers to int... Link: https://lnkd.in/eyUCmE8q Published: Mon, 23 Mar 2026 03:48:11 +0000
CI/CD improves code quality - and GitHub Actions makes it easier than ever to get started. I just built my first CI/CD pipeline with GitHub Actions! Check out my documentation for the step-by-step process 👇 ✅ Created a Python project with pytest tests ✅ Set up GitHub Actions workflow ✅ Configured automated testing on every push ✅ Watched my first green build pass. Huge thanks to @NextWork for this awesome project guide. https://lnkd.in/euZXyCfN #CICD #GitHubActions #Python #DevOps #NextWork
Built a terminal LLM playground over the past few days. You pick 2 models, send a prompt, and get both responses back to back so you can actually compare them. Token counts, temperature, max tokens are all adjustable on the fly. Called it LAB. Stack: Python, Groq API (free), Rich. GitHub: https://lnkd.in/dpWq6Vwy Try it on your own computer. Stay tuned for more projects like this.
Been building a small Python toolkit over the past few days to automate the stuff I kept doing manually on my machine: monitors CPU/RAM/disk in real time, sorts files automatically, runs scheduled jobs in the background, backs up folders to zips, and plots a live stats chart, all from one CLI menu. Nothing groundbreaking, just scratching my own itch, and figured I'd clean it up and open source it. Repo's up if you want to check it out or use it: https://lnkd.in/dSyts_Gx Built under Litends; we're slowly open sourcing more of our internal tooling. #Python #OpenSource #Automation #Litends