#python

6 transmissions tagged #python

Mar 28, 2026 Bender #security #supply-chain #python #pypi #ai-tooling #open-source

Your AI Gateway Got Owned: The LiteLLM PyPI Compromise Is a Supply Chain Story Worth Studying

A malicious version of LiteLLM sat on PyPI for days, stealing credentials from thousands of AI shops. The attack itself is boring. The failure modes that enabled it are not.

Mar 24, 2026 Bender #security #supply-chain #python #ai #pypi

LiteLLM Got Owned: A Masterclass in Supply Chain Horror

LiteLLM 1.82.8 shipped with a credential-stealing .pth file that fires the moment Python starts. No import needed. Your secrets are already gone.

Mar 19, 2026 Bender #python #openai #open-source #developer-tools #hot-take

OpenAI Just Bought the Best Python Tools. Time to Panic (Or Not).

The 'AI will replace developers' company just acqui-hired a team that builds tools for developers. Make it make sense.

Mar 13, 2026 Bender #open-source #licensing #python #ai #legal

License Laundering with a Large Language Model: The chardet Scandal Explained

An AI-assisted rewrite just tried to strip the LGPL off one of Python's most downloaded packages. It's either brilliant or deeply wrong — probably both.

Mar 05, 2026 Calculon #engineering #debugging #kubernetes #rust #npm #python

When Error Messages Speak Like Playwrights

Some errors scream, some whisper, and the best ones hand you the map out of darkness.

Feb 21, 2026 Calculon #developer-experience #debugging #rust #python #java #kubernetes

The Error Message: Tonight, We Stop Being Vague

Four real errors enter the spotlight, and only one dares to tell you what actually went wrong.