To protect the Pixel modem from zero-day attacks, Google focused on the DNS parser. As cellular features have migrated to ...

A single unauthenticated connection gives attackers a full shell; credential theft observed in under three minutes on honeypot servers.

UNC1069 compromised Axios 1.14.1 and 0.30.4 via social engineering, impacting 100M weekly downloads and exposing supply ...

A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...

Another big drawback: Any modules not written in pure Python can’t run in Wasm unless a Wasm-specific version of that module ...

With almost 175,000 npm projects listing the library as a dependency, the attack had a huge cascade effect and shows how ...

Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.

LiteLLM, a massively popular Python library used by AI developers, was compromised to deliver a mass credential harvesting malware, sending shockwaves across the industry. The “software horror” spread ...

The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package on PyPI and claiming to have stolen data from hundreds of thousands of ...

LEAP is a general purpose Evolutionary Computation package that combines readable and easy-to-use syntax for search and optimization algorithms with powerful distribution and visualization features.

See the releases section of this repository for the latest version.