📰 Marimo RCE Flaw CVE-2026-39987 Exploited Within 10 Hours of Disclosure
A critical security vulnerability in Marimo, an open-source Python notebook for data science and analysis, has been exploited within 10 hours of public disclosure, according to findings from Sysdig.The vulnerability in question is CVE-2026-39987 (CVSS score: 9.3), a pre-authenticated remote code execution vulnerability impacting all versions of Marimo prior to and including.
🔗 Source: https://thehackernews.com/2026/04/marimo-rce-flaw-cve-2026-39987.html
#opensource #python #security
👉@sysadminoff
A critical security vulnerability in Marimo, an open-source Python notebook for data science and analysis, has been exploited within 10 hours of public disclosure, according to findings from Sysdig.The vulnerability in question is CVE-2026-39987 (CVSS score: 9.3), a pre-authenticated remote code execution vulnerability impacting all versions of Marimo prior to and including.
🔗 Source: https://thehackernews.com/2026/04/marimo-rce-flaw-cve-2026-39987.html
#opensource #python #security
👉@sysadminoff
📰 PyPI package with 1.1M monthly downloads hacked to push infostealer
An attacker pushed a malicious version of the popular elementary-data package Python Package Index (PyPI) to steal sensitive developer data and cryptocurrency wallets.
🔗 Source:
#python
👉@sysadminoff
https://www.bleepingcomputer.com/news/security/pypi-package-with-11m-monthly-downloads-hacked-to-push-infostealer/
An attacker pushed a malicious version of the popular elementary-data package Python Package Index (PyPI) to steal sensitive developer data and cryptocurrency wallets.
🔗 Source:
#python
👉@sysadminoff
https://www.bleepingcomputer.com/news/security/pypi-package-with-11m-monthly-downloads-hacked-to-push-infostealer/
BleepingComputer
PyPI package with 1.1M monthly downloads hacked to push infostealer
An attacker pushed a malicious version of the popular elementary-data package Python Package Index (PyPI) to steal sensitive developer data and cryptocurrency wallets.
📰 New Python Backdoor Uses Tunneling Service to Steal Browser and Cloud Credentials
Cybersecurity researchers have disclosed details of a stealthy Python-based backdoor framework called DEEP#DOOR that comes with capabilities to establish persistent access and harvest a wide range of sensitive information from compromised hosts."The intrusion chain begins with execution of a batch script ('install_obf.bat') that disables Windows security controls, dynamically extracts an.
🔗 Source: https://thehackernews.com/2026/04/new-python-backdoor-uses-tunneling.html
#python
👉@sysadminoff
Cybersecurity researchers have disclosed details of a stealthy Python-based backdoor framework called DEEP#DOOR that comes with capabilities to establish persistent access and harvest a wide range of sensitive information from compromised hosts."The intrusion chain begins with execution of a batch script ('install_obf.bat') that disables Windows security controls, dynamically extracts an.
🔗 Source: https://thehackernews.com/2026/04/new-python-backdoor-uses-tunneling.html
#python
👉@sysadminoff
📰 CachyOS Switches Python To Using Tail-Call Interpreter For 5~15% Better Performance
CachyOS is a very fast out-of-the-box Linux distribution and for those concerned about Python performance, the newest updates to this Arch Linux based distribution will provide even better performance...
🔗 Source: https://www.phoronix.com/news/CachyOS-Better-Python-Perf
#arch #linux #python
👉@sysadminoff
https://share.google/rbVGWCZ7AyiEKZlZL
CachyOS is a very fast out-of-the-box Linux distribution and for those concerned about Python performance, the newest updates to this Arch Linux based distribution will provide even better performance...
🔗 Source: https://www.phoronix.com/news/CachyOS-Better-Python-Perf
#arch #linux #python
👉@sysadminoff
https://share.google/rbVGWCZ7AyiEKZlZL
Phoronix
CachyOS Switches Python To Using Tail-Call Interpreter For 5~15% Better Performance
CachyOS is a very fast out-of-the-box Linux distribution and for those concerned about Python performance, the newest updates to this Arch Linux based distribution will provide even better performance.
📰 PyPI Packages Deliver ZiChatBot Malware via Zulip APIs on Windows and Linux
Cybersecurity researchers have discovered three packages on the Python Package Index (PyPI) repository that are designed to stealthily deliver a previously unknown malware family called ZiChatBot on Windows and Linux systems."While these wheel packages do implement the features described on their PyPI web pages, their true purpose is to covertly deliver malicious files," Kaspersky.
🔗 Source: https://thehackernews.com/2026/05/pypi-packages-deliver-zichatbot-malware.html
#linux #python
👉@sysadminoff
Cybersecurity researchers have discovered three packages on the Python Package Index (PyPI) repository that are designed to stealthily deliver a previously unknown malware family called ZiChatBot on Windows and Linux systems."While these wheel packages do implement the features described on their PyPI web pages, their true purpose is to covertly deliver malicious files," Kaspersky.
🔗 Source: https://thehackernews.com/2026/05/pypi-packages-deliver-zichatbot-malware.html
#linux #python
👉@sysadminoff
📰 JDownloader site hacked to replace installers with Python RAT malware
The website for the popular JDownloader download manager was compromised earlier this week to distribute malicious Windows and Linux installers, with the Windows payload found deploying a Python-based remote access trojan.
🔗 Source: https://www.bleepingcomputer.com/news/security/jdownloader-site-hacked-to-replace-installers-with-python-rat-malware/
#linux #python
👉@sysadminoff
https://ift.tt/NlOxMgY
The website for the popular JDownloader download manager was compromised earlier this week to distribute malicious Windows and Linux installers, with the Windows payload found deploying a Python-based remote access trojan.
🔗 Source: https://www.bleepingcomputer.com/news/security/jdownloader-site-hacked-to-replace-installers-with-python-rat-malware/
#linux #python
👉@sysadminoff
https://ift.tt/NlOxMgY
BleepingComputer
JDownloader site hacked to replace installers with Python RAT malware
The website for the popular JDownloader download manager was compromised earlier this week to distribute malicious Windows and Linux installers, with the Windows payload found deploying a Python-based remote access trojan.
📰 Feature freeze for Python 3.15 as first beta released
JIT compiler much improved, but no reinstatement for leaky incremental garbage collector.
🔗 Source:
#python
👉@sysadminoff
https://www.theregister.com/devops/2026/05/11/feature-freeze-for-python-315-as-first-beta-released/5237934
JIT compiler much improved, but no reinstatement for leaky incremental garbage collector.
🔗 Source:
#python
👉@sysadminoff
https://www.theregister.com/devops/2026/05/11/feature-freeze-for-python-315-as-first-beta-released/5237934
theregister
Feature freeze for Python 3.15 as first beta released
JIT compiler much improved, but no reinstatement for leaky incremental garbage collector
📰 Max-severity flaw in ChromaDB for AI apps allows server hijacking
A max-severity vulnerability in the latest Python FastAPI version of the ChromaDB project allows unauthenticated attackers to run arbitrary code on exposed servers.
🔗 Source:
#python
👉@sysadminoff
https://www.bleepingcomputer.com/news/security/max-severity-flaw-in-chromadb-for-ai-apps-allows-server-hijacking/
A max-severity vulnerability in the latest Python FastAPI version of the ChromaDB project allows unauthenticated attackers to run arbitrary code on exposed servers.
🔗 Source:
#python
👉@sysadminoff
https://www.bleepingcomputer.com/news/security/max-severity-flaw-in-chromadb-for-ai-apps-allows-server-hijacking/
BleepingComputer
Max-severity flaw in ChromaDB for AI apps allows server hijacking
A max-severity vulnerability in the latest Python FastAPI version of the ChromaDB project allows unauthenticated attackers to run arbitrary code on exposed servers.
📰 NVIDIA CUDA 13.3 Rolls Out CUDA Python 1.0, CUDA Tile For C++
NVIDIA on Tuesday released CUDA 13.3 as another significant advancement for their unified GPU programming stack for NVIDIA hardware...
🔗 Source:
#python
👉@sysadminoff
https://www.phoronix.com/news/NVIDIA-CUDA-13.3-Released
NVIDIA on Tuesday released CUDA 13.3 as another significant advancement for their unified GPU programming stack for NVIDIA hardware...
🔗 Source:
#python
👉@sysadminoff
https://www.phoronix.com/news/NVIDIA-CUDA-13.3-Released
Phoronix
NVIDIA CUDA 13.3 Rolls Out CUDA Python 1.0, CUDA Tile For C++
NVIDIA on Tuesday released CUDA 13.3 as another significant advancement for their unified GPU programming stack for NVIDIA hardware. For those wanting to tap the power of CUDA from the Python programming language, CUDA 13.3 marks the CUDA Python 1.0 milestone…
📰 Nginx Proxy Manager 2.15 Brings Debian 13 Base and Security Fixes
Nginx Proxy Manager 2.15 updates Debian, OpenResty, Certbot, Python, and Node dependencies, with caution advised before upgrading.
🔗 Source: https://linuxiac.com/nginx-proxy-manager-2-15-brings-debian-13-base-and-security-fixes/
#debian #nginx #python
👉@sysadminoff
https://linuxiac.com/?p=213433
Nginx Proxy Manager 2.15 updates Debian, OpenResty, Certbot, Python, and Node dependencies, with caution advised before upgrading.
🔗 Source: https://linuxiac.com/nginx-proxy-manager-2-15-brings-debian-13-base-and-security-fixes/
#debian #nginx #python
👉@sysadminoff
https://linuxiac.com/?p=213433
Linuxiac
Nginx Proxy Manager 2.15 Brings Debian 13 Base and Security Fixes
Nginx Proxy Manager 2.15 updates Debian, OpenResty, Certbot, Python, and Node dependencies, with caution advised before upgrading.