Mastodawn

A popular Python library just became a backdoor to your entire machine

https://www.xda-developers.com/popular-python-library-backdoor-machine/

It's one of the most popular Python libraries for interacting with large language models [...] It has over 40,000 stars on GitHub, and it's an important dependency in a lot of AI tooling. It's also been compromised on PyPI, and the malicious versions are stealing everything they can find on your machine.

Sorry but... 🍿

A popular Python library just became a backdoor to your entire machine

Supply chain attacks feel like they're becoming more and more common.

XDA

Show thread

gmthor 1d ago

@holgi um dich wieder einzunorden

Berlin schaft es das Gesetz zur Kostenerhöhung der Anwohnerparkausweise nicht mehr zu erlassen. Damit die Ämter vor der Wahl nicht überlastet sind

gmthor 2d ago

evacide 2d ago

If you have an iPhone, today is a good day to make sure you are running the latest software. https://techcrunch.com/2026/03/23/someone-has-publicly-leaked-an-exploit-kit-that-can-hack-millions-of-iphones/

Someone has publicly leaked an exploit kit that can hack millions of iPhones | TechCrunch

Leaked "DarkSword" exploits published to GitHub allow hackers and cybercriminals to target iPhone users running old versions of iOS with spyware, according to cybersecurity researchers.

TechCrunch

gmthor 2d ago

The Whore of Blahbylon 2d ago

#humour

gmthor 3d ago

Ben Cohen 3d ago

My incometence at this game is very consistent:

- I always overshoot onto short platforms
- I always undershoot when trying to get the 3rd perfect landing

https://100jumps.org

100 Jumps

Hold to charge, release to jump. Land on 100 platforms to win — but one miss and it's over. How many attempts will it take you?

gmthor 3d ago

Corinna (versiffte Göre)3d ago

Realität für Frauen ist übrigens auch, dass wenn wir viele Beiträge zu sexualisierter Gewalt teilen, um dem Thema die nötige Aufmerksamkeit zu verschaffen, plötzlich ein Dude in die DMs slidet, mit dem man vorher noch nie interagiert hat, und völlig kontextlos fragt, was man von Männern hält, und auf Nachfrage sagt, die eigene Timeline sei voller Posts zu sexualisierter Gewalt etc. und er müsse so viel blocken, und überhaupt wie könne man assumen er sei ein Dude.

Ich schulde keinem Auskunft.

gmthor 4d ago

Michael Stapelberg 🐧🐹😺4d ago

Signal Boost: If you are willing to fix any of the #Wayland related issues I describe in https://michael.stapelberg.ch/posts/2026-01-04-wayland-sway-in-2026/, I am willing to sponsor the hardware you need for it, e.g. high-res monitor, GPU, PC, etc. and/or pay a bounty for the fix itself.

See https://lobste.rs/s/5pkjai/wayland_set_linux_desktop_back_by_10_years#c_4cpf8q for details and reach out; thanks in advance.

My goal is that #Linux works better, but I can’t do it alone. Let’s improve it together!