The Hacker News

Fake Python Spellchecker Packages on PyPI Delivered Hidden Remote Access Trojan

Two fake spellchecker packages on PyPI hid a Python RAT in dictionary files, activating malware on import in version 1.2.0.
How-To Geek on MSN

Stop crashing your Python scripts: How to handle massive datasets on any laptop

How chunked arrays turned a frozen machine into a finished climate model ...
InfoWorld

Python picks up speed with a new JIT

Python’s new JIT compiler might be the biggest speed boost we’ve seen in a while, but it’s not without bumps. Get that news ...

Python libraries used in top AI and ML tools hacked - Nvidia, Salesforce and other libraries all at risk

Security researchers from Palo Alto Networks have discovered vulnerabilities used in some top Artificial Intelligence (AI) and machine Learning (ML) tools which, if abused, could allow threat actors ...
The Register on MSN

Popular Python libraries used in Hugging Face models subject to poisoned metadata attack

The open-source libraries were created by Salesforce, Nvidia, and Apple with a Swiss group Vulnerabilities in popular AI and ML Python libraries used in Hugging Face models with tens of millions of ...
Dark Reading

AsyncRAT Malware Infests Orgs via Python & Cloudflare

The phishing campaign shows how attackers continue to weaponize legitimate cloud services and open source tools to evade detection and gain trust.
The Verge

Python Software Foundation turns down $1.5 million NSF grant because of the anti-DEI strings attached.

A PSF proposal to address vulnerabilities in Python and PyPi was recommended for funding, but it was declined because the terms barred “any programs that advance or promote DEI, or discriminatory ...
IEEE

sQUlearn: A Python Library for Quantum Machine Learning [Focus: Quantum Software and Its Engineering]

Abstract: sQUlearn introduces a user-friendly, noisy intermediate-scale quantum (NISQ)-ready Python library for quantum machine learning (QML), designed for seamless integration with classical machine ...