Python Hub Weekly Digest for 2025-09-07

This week in Python news, popular topics included the creation of AI agents, the potential for weaponizing image scaling against AI systems, and a complete Python tutorial on building a coding agent from scratch. Other highlights included a guide on migrating from pip-tools to uv, a discussion on LFU vs. LRU in cache management, and an analysis of architectural advances from GPT-2 to gpt-oss. In the project section, MCPMark, a comprehensive benchmark for MCP servers, and Tensorlake, a serverless platform for data processing, were among the notable mentions. Wishing you a great week ahead and happy coding!

💖 Most Popular

AI Agents for Beginners
11 Lessons to Get Started Building AI Agents.

Weaponizing image scaling against production AI systems
Attackers can hide malicious prompts in images that become visible only after being downscaled—tricking AI systems like Gemini CLI and Vertex AI Studio into executing hidden instructions. Trail of Bits demonstrates these “image scaling” exploits and introduces Anamorpher, an open-source tool to craft and test such attacks, while also proposing defenses.

Build a Coding Agent from Scratch: The Complete Python Tutorial
The tutorial walks through building a baby version of the Claude Code AI coding agent from scratch in Python, covering creating a reasoning brain, instructions, tools, and memory with a ReAct loop for interactive coding tasks. It also progresses to adding safe code execution, sandboxing, and context management to handle large codebases, enabling the agent to write, test, debug, and itera...

From Zero to GPU
A Guide to Building and Scaling Production-Ready CUDA Kernels

OctaneDB – Fast, Open-Source Vector Database for Python

📖 Articles

AsyncIO - Complete Guide to Asynchronous Programming with Animations
The video teaches how to write asynchronous code in Python using AsyncIO with async/await syntax. It covers core concepts like coroutines, tasks, and the event loop, shows how to convert synchronous code to async, and demonstrates performance benefits using real-world examples and animations.

How to migrate from pip-tools to uv
A guide to migrating from pip-tools to uv in Python projects, focusing on preserving pinned versions.

Pro-Tip – Sometimes LFU > LRU
This article discusses how AI/web crawlers create excessive sessions that push legitimate user sessions out of cache, degrading user experience on sites like e-commerce platforms. It suggests configuring Redis with an LFU (Least Frequently Used) eviction policy, rather than the common LRU (Least Recently Used), to preferentially keep frequently used sessions (like those of real users) wh...

Python Hub Weekly Digest for 2025-08-31

oraios / serena
A powerful coding agent toolkit providing semantic retrieval and editing capabilities (MCP server & Agno integration)

A Python CLI for Verifying Assembly
This post describes Python CLI tool for verifying assembly programs using symbolic execution with Ghidra pcode semantics. It highlights novel features like embedding formal specifications directly into assembly through macros, handling invariants via control flow graph cuts, and providing detailed verification and countermodel feedback to ensure correctness of assembly code.

From GPT-2 to gpt-oss: Analyzing the Architectural Advances
The article analyzes the architectural advances from GPT-2 to OpenAI’s new open-weight gpt-oss models, highlighting innovations like Mixture-of-Experts, grouped query attention, and sliding-window layers for efficiency and scaling. He compares these changes with models like Qwen3 and notes how gpt-oss is optimized for reasoning, tool use, and agentic workflows, while remaining memory-eff...

How to Spot (and Fix) 5 Common Performance Bottlenecks in pandas Workflows
This post walks through five common pandas bottlenecks, how to recognize them, and some workarounds you can try on CPU with a few tweaks to your code plus a GPU-powered drop-in accelerator, cudf.pandas, that delivers order-of-magnitude speedups with no code changes.

We Needed Better Cloud Storage for Python so We Built Obstore
Obstore is a fast, lightweight Python library for working with object storage—backed by Rust and built for clarity, speed, and interoperability. It’s already being used across cloud-native geospatial tools and supports common workflows out of the box.

Preventing Domain Resurrection Attacks
PyPI has implemented new security measures to prevent domain resurrection attacks, where expired domains are re-registered by attackers to hijack accounts via password resets. Since June 2025, PyPI has unverified over 1,800 email addresses tied to expiring domains, blocking these addresses from being used for account recovery and enhancing account security.

Customize your IPython shell in Docker
You can heavily customize your IPython shell experience when using it inside Docker or in a Docker Compose project. Without your personal preferences annoying your teammates!

How to Build an Advanced AI Agent with Search (LangGraph, Python, Bright Data & More)
The video demonstrates building a multi-step, scalable AI research agent in Python using LangGraph. The agent can pull live search data from sources like Google, Bing, and Reddit, aggregate and analyze the information, and provide comprehensive answers, showcasing advanced Python coding, complex architecture, and effective use of APIs like Bright Data and OpenAI GPT. The tutorial covers ...

Python Namespace Packages are a pain
Python namespace packages allow a single package to be split across multiple directories on disk, enabling modular and scalable code organization without requiring aninit.pyfile. They come in two types: explicit (using pkgutil or pkg_resources to extend paths) and implicit (PEP 420–style) namespace packages, but both introduce complexity and potential pitfalls, so many recommend avoiding...

Anatomy of a Python Loop
Learn Python loops the fun way by rolling dice, casting fireballs, and finally understanding what continue really does.

Python: The Documentary [video]

laramies / theHarvester
E-mails, subdomains and names Harvester - OSINT

Python has had async for 10 years – why isn't it more popular?

⚙️ Projects

MCPMark
MCP Servers are shaping the future of software. MCPMark is a comprehensive, stress-testing benchmark and a collection of diverse, verifiable tasks designed to evaluate model capabilities in real-world MCP use.

VibeVoice
A Frontier Long Conversational Text-to-Speech Model.

lemonade
Lemonade helps users run local LLMs with the highest performance by configuring state-of-the-art inference engines for their NPUs and GPUs.

AsyncFlow
Digital twin for async backends: build topologies, simulate traffic, and get per-server and full system latency/throughput insights.

monkeSearch
Fully local, temporally aware natural language file search on your pc! even without a GPU. find relevant files using natural language in less than 1 second.

terminal-bench
A benchmark for LLMs on complicated tasks in the terminal.

tensorlake
Tensorlake is a Document Ingestion API and a serverless platform for building data processing and orchestration APIs

fenic
Build reliable AI and agentic applications with DataFrames.

← Previous

Project by Ruslan Keba. Since 2012. Powered by Python. Made in 🇺🇦Ukraine.