Articles by tag: python-security
Python Security Tools from Astral
Astral (Ruff, uv) launches open source PyPI dependency audit. Protection from CVE, malware in supply chain. Integration with uv for middle/senior dev. Learn details and plans.
Telnyx Hack on PyPI: Theft of Keys and Tokens
Hackers injected malware into Telnyx 4.87.1/4.87.2 via WAV steganography. Roll back to 4.87.0, change keys. Developer's guide to detection and protection.
Stealer in LiteLLM: key theft on Python startup
Stealer of API keys, SSH, AWS discovered in LiteLLM 1.82.7/1.82.8. Activation on Python start. Recommendations for auditing and replacing keys for developers.
Python Password Generation: secrets instead of random
Entropy breakdown, random vulnerabilities (Mersenne Twister) and secrets advantages for cryptographically secure passwords. Practical attack and code. For developers.