Skip to main content
COSMICBYTEZLABS
NewsSecurityHOWTOsToolsStudyTraining
ProjectsNewsletterHire MeAbout
Subscribe

Press Enter to search or Esc to close

News
Security
HOWTOs
Tools
Study
Training
Projects
Newsletter
Hire Me
About
RSS Feed
Reading List
Subscribe

Stay in the Loop

Get the latest security alerts, tutorials, and tech insights delivered to your inbox.

Subscribe NowFree forever. No spam.
COSMICBYTEZLABS

Your trusted source for IT intelligence, cybersecurity insights, and hands-on technical guides.

1310+ Articles
157+ Guides

CONTENT

  • Latest News
  • Security Alerts
  • HOWTOs
  • Checklists
  • Projects
  • Exam Prep

RESOURCES

  • Search
  • Browse Tags
  • Newsletter Archive
  • Reading List
  • RSS Feed

COMPANY

  • About Us
  • Contact
  • Privacy Policy
  • Terms of Service

© 2026 CosmicBytez Labs. All rights reserved.

System Status: Operational
All tags
20 articles

#Python

All CosmicBytez Labs articles tagged #Python, across news, security advisories, how-to guides, and projects.

  • SecurityMay 30, 2026

    CVE-2026-10042: manga-image-translator RCE via Unsafe Python Deserialization

    A critical CVSS 9.8 remote code execution vulnerability in manga-image-translator allows unauthenticated attackers to execute arbitrary commands by...

  • SecurityMay 22, 2026

    CVE-2026-48207: Apache Fury PyFury Deserialization RCE

    A critical deserialization vulnerability in Apache Fury's Python library PyFury allows attackers to bypass DeserializationPolicy validation hooks via the...

  • SecurityMay 19, 2026

    CVE-2026-8838 — Amazon Redshift Python Driver RCE via

    The Amazon Redshift Python driver before version 2.1.14 contains a critical vulnerability where the vector_in() function executes arbitrary code received...

  • ProjectMay 5, 2026

    Building a Multi-Asset Trading Bot in Python with Async

    Event-driven trading bot for Canadian markets — 8 strategies, 4 broker integrations (Alpaca, Questrade, CCXT, paper), kill switch, FINTRAC reporting, and async.

  • NewsApr 30, 2026

    PyTorch Lightning and Intercom-client Hit in Supply Chain

    Threat actors compromised the popular Python PyPI package 'Lightning' — used for PyTorch model training — pushing malicious versions 2.6.2 and onward to...

  • SecurityApr 24, 2026

    Pipecat AI Framework RCE via LivekitFrameSerializer

    A critical vulnerability in Pipecat's optional LivekitFrameSerializer class allows unauthenticated remote code execution in the popular AI voice agent...

  • SecurityApr 24, 2026

    CVE-2026-26210: KTransformers Unsafe Deserialization RCE

    KTransformers through version 0.5.3 contains a critical unsafe deserialization vulnerability in its balance_serve backend mode, where an unauthenticated...

  • SecurityApr 23, 2026

    CVE-2026-39987: Marimo Pre-Auth Remote Code Execution

    A critical pre-authorization remote code execution vulnerability in Marimo, the open-source reactive Python notebook, allows unauthenticated attackers to...

  • SecurityApr 19, 2026

    CVE-2026-6577: DjangoBlog Missing Authentication in

    A missing authentication vulnerability in liangliangyy DjangoBlog up to 2.1.0.0 allows unauthenticated remote attackers to access the logtracks endpoint...

  • SecurityApr 19, 2026

    CVE-2026-6580: DjangoBlog Hard-Coded Cryptographic Key in

    A hard-coded cryptographic key vulnerability in liangliangyy DjangoBlog up to 2.1.0.0 allows remote attackers to exploit the Amap API Call Handler in...

  • SecurityApr 9, 2026

    CVE-2026-39888: PraisonAI Sandbox Escape Enables Remote

    A critical sandbox escape vulnerability in PraisonAI's multi-agent framework allows attackers to bypass the Python code execution sandbox, defeating the...

  • SecurityMar 31, 2026

    CVE-2026-32714: Critical SQL Injection in SciTokens

    A critical SQL injection vulnerability in the SciTokens Python library allows attackers to manipulate authentication token validation via unsanitized...

  • NewsMar 28, 2026

    Backdoored Telnyx PyPI Package Pushes Malware Hidden in WAV

    Threat actors known as TeamPCP compromised the Telnyx Python package on PyPI, uploading malicious versions that conceal credential-stealing malware inside...

  • NewsMar 28, 2026

    New Infinity Stealer Malware Grabs macOS Data via ClickFix

    A new info-stealing malware named Infinity Stealer is targeting macOS systems with a Python payload packaged as an executable using the open-source Nuitka...

  • NewsMar 25, 2026

    Supply Chain Attack Hits Widely-Used AI Package, Risking

    Malicious versions of LiteLLM — a Python package with 3 million daily downloads present in roughly 36% of cloud environments — were quietly pushed to PyPI...

  • NewsMar 16, 2026

    GlassWorm ForceMemo: Stolen GitHub Tokens Used to Poison

    The GlassWorm threat actor has launched a new sub-campaign called ForceMemo, using stolen GitHub tokens to silently force-push malware into hundreds of...

  • SecurityFeb 20, 2026

    Critical RCE in Microsoft Semantic Kernel Python SDK

    A maximum-severity code injection vulnerability in Microsoft's Semantic Kernel Python SDK allows authenticated attackers to execute arbitrary code through...

  • HOWTOFeb 9, 2026

    Building Event-Driven Systems with Python asyncio

    Design and implement event-driven architectures using Python asyncio. Covers event buses, async task orchestration, graceful shutdown, and real-world...

  • HOWTOFeb 7, 2026

    Automating Report Generation with Python and Jinja2

    Build an automated report generation system using Python, Jinja2 templates, and data extraction from multiple sources. Covers multi-tenant data...

  • HOWTOFeb 2, 2026

    Python for Security Automation: Essential Scripting

    Learn Python security scripting fundamentals including network scanning, log parsing, hash analysis, API integration, and automated threat detection for...