BY TOB5 MIN READ

AI Tooling This Week: Supply Chain Attacks Get Smarter and Enterprise Agents Go Private

A malicious PyPI package, Cursor's self-hosted coding agents, and why Matt Webb thinks vibe coding is making us better architects.

BY TOB • 5 MIN READ

Someone Found a Live Malware Campaign on PyPI by Accident

A developer debugging a frozen laptop stumbled onto litellm 1.82.8, a weaponized package designed to steal SSH keys, AWS credentials, and just about everything else on your machine.