GitHub confirms 3,800 internal repos stolen through poisoned VS Code extension as supply chain worm hits Microsoft’s Python SDK

GitHub confirmed attackers stole 3,800 internal repositories via a poisoned VS Code extension. The same threat group, TeamPCP, simultaneously compromised Microsoft's durabletask Python ...
GitHub

Injector - Python dependency injection framework, inspired by Guice

While dependency injection is easy to do in Python due to its support for keyword arguments, the ease with which objects can be mocked and its dynamic nature, a framework for assisting in this process ...
Dark Reading

Application Security

Application Security Copilot 'SearchLeak' Attack Allows 1-Click Data Theft The critical, three-stage attack is now patched, but it's part of a new group of AI prompt-injection issues that use hidden ...
GitHub

A fast, modern EnergyPlus IDF/epJSON toolkit for Python.

idfkit is in beta. The API may change between minor versions. We're looking for early adopters and testers — especially users of eppy who want better performance and a modern API. If you try it out, ...
The Hacker News

The Hacker News | #1 Trusted Source for Cybersecurity News

Cybersecurity researchers have flagged two malicious cyber campaigns that exhibit similarities with a persistent North Korean threat cluster known as Contagious Interview (aka Famous Chollima, ...