A popular Python library just became a backdoor to your entire machine
https://www.xda-developers.com/popular-python-library-backdoor-machine/
It's one of the most popular Python libraries for interacting with large language models [...] It has over 40,000 stars on GitHub, and it's an important dependency in a lot of AI tooling. It's also been compromised on PyPI, and the malicious versions are stealing everything they can find on your machine.
Sorry but... 🍿
@lenotaire @Khrys wtf is clickbait in that? This is a good writeup what is happening, how it is happening, who is targeted, names the affected lib in the very first sentence and shows how to figure out if it is installed.
Yes this is 🍿 but clickbait??
@lenotaire I think you're a little out of touch with reality. OP is not the writer of the article and may phrase their post as they want and the article itself? c'mon. It is the job of the headline to "bait" users into *reading* the damn article.
Nothing there is sensationalized, exaggerated, or misleading.
@xdej lol and now there is another dragging gender in this that I did not even check or ask for and had no idea about unil now for anyone in this discuss. Go touch grass! Not everything is about the patriarchy.
That article is not clickbait and that is the argument I made. Fine, that toot may be clickbait-y and it's my first of that person I read and yes my understanding wa the *article* is criticized.
Heck I didn't even get the idea to judge a toot for standards of journalism. A TOOT.
Khrys
Le Notaire
Beko Pharm
Xdej