The Security Ledger

Technology’s “Upside Down”? Software Supply Chain

Stranger Things concept of the “Upside Down” is a useful way to think about the risks lurking in the software we all rely on.
The Hacker News

Fake Python Spellchecker Packages on PyPI Delivered Hidden Remote Access Trojan

Two fake spellchecker packages on PyPI hid a Python RAT in dictionary files, activating malware on import in version 1.2.0.

ReversingLabs 2026 Software Supply Chain Security Report Identifies 73% Increase in Malicious Open-Source Packages

According to the firm’s latest supply chain security report, there was a 73% increase in detections of malicious open-source packages in 2025. The past year also saw a huge jump in the scope of ...

Pandas 3.0 brings unified string type and performance optimization

With the PyArrow library installed, pandas 3.0 interprets string columns automatically as the str data type instead of NumPy- ...
GitHub

Python 3.12 backport for Debian 12 bookworm

The aim of this project is to provide a Python 3.12 backport to Debian bookworm. Packages are of course much better manageable than compiling the source from scratch. In my opinion it is also more ...