The Hacker News

Fake Python Spellchecker Packages on PyPI Delivered Hidden Remote Access Trojan

Two fake spellchecker packages on PyPI hid a Python RAT in dictionary files, activating malware on import in version 1.2.0.
Microsoft

Infostealers without borders: macOS, Python stealers, and platform abuse

How modern infostealers target macOS systems, leverage Python‑based stealers, and abuse trusted platforms and utilities to ...
The Hacker News

Critical vm2 Node.js Flaw Allows Sandbox Escape and Arbitrary Code Execution

A critical vm2 Node.js vulnerability (CVE-2026-22709, CVSS 9.8) allows sandbox escape via Promise handler bypass.
InfoQ

Cloudflare's Matrix Homeserver Demo Sparks Debate over AI-Generated Code Claims

A Cloudflare blog post claiming a "production-grade" Matrix homeserver on Workers didn't survive community scrutiny. Missing ...
Nature

Data processing articles from across Nature Portfolio

Nanopore direct RNA sequencing is hindered by high basecalling error rates. Here, the authors introduce Coral, a dual context-aware basecaller using a Transformer ...
Bates College

Institutional Research, Analysis & Planning

For at least 151 years, a hemlock and its close neighbor, a red oak, have grown up together on the Bates campus, close enough to overlap branches, while buildings popped up around them. Their survival ...