The Hacker News

Fake Python Spellchecker Packages on PyPI Delivered Hidden Remote Access Trojan

Two fake spellchecker packages on PyPI hid a Python RAT in dictionary files, activating malware on import in version 1.2.0.
InfoQ

Cloudflare's Matrix Homeserver Demo Sparks Debate over AI-Generated Code Claims

A Cloudflare blog post claiming a "production-grade" Matrix homeserver on Workers didn't survive community scrutiny. Missing ...

Critical sandbox escape flaw found in popular vm2 NodeJS library

A critical-severity vulnerability in the vm2 Node.js sandbox library, tracked as CVE-2026-22709, allows escaping the sandbox and executing arbitrary code on the underlying host system.
Nature

Data processing articles from across Nature Portfolio

Nanopore direct RNA sequencing is hindered by high basecalling error rates. Here, the authors introduce Coral, a dual context-aware basecaller using a Transformer ...
Bates College

Institutional Research, Analysis & Planning

For at least 151 years, a hemlock and its close neighbor, a red oak, have grown up together on the Bates campus, close enough to overlap branches, while buildings popped up around them. Their survival ...