The Hacker News

Fake Python Spellchecker Packages on PyPI Delivered Hidden Remote Access Trojan

Two fake spellchecker packages on PyPI hid a Python RAT in dictionary files, activating malware on import in version 1.2.0.
InfoWorld

OpenSilver 3.3 runs Blazor components inside XAML apps

New version of the open-source replacement for Microsoft Silverlight also brings support for .NET 10 and C# 14.

Critical sandbox escape flaw discovered in popular vm2 NodeJS library

A critical-severity vulnerability in the vm2 Node.js sandbox library, tracked as CVE-2026-22709, allows escaping the sandbox and executing arbitrary code on the underlying host system.
GitHub

Polars + Bloomberg Open API

polars-bloomberg is a Python library that extracts Bloomberg's financial data directly into Polars DataFrames. If you’re a quant financial analyst, data scientist, or quant developer working in ...
GitHub

Python library for the Coinbase Advanced Trade API.

from coinbaseadvanced.client import CoinbaseAdvancedTradeAPIClient # Creating the client using Clould API Keys. client = CoinbaseAdvancedTradeAPIClient.from_cloud_api_keys(API_KEY_NAME, PRIVATE_KEY) # ...
InfoWorld

Python picks up speed with a new JIT

Python’s new JIT compiler might be the biggest speed boost we’ve seen in a while, but it’s not without bumps. Get that news ...