The Hacker News

Fake Python Spellchecker Packages on PyPI Delivered Hidden Remote Access Trojan

Two fake spellchecker packages on PyPI hid a Python RAT in dictionary files, activating malware on import in version 1.2.0.
InfoWorld

CPython vs. PyPy: Which Python runtime has the better JIT?

JIT compiler stack up against PyPy? We ran side-by-side benchmarks to find out, and the answers may surprise you.

Critical sandbox escape flaw found in popular vm2 NodeJS library

A critical-severity vulnerability in the vm2 Node.js sandbox library, tracked as CVE-2026-22709, allows escaping the sandbox and executing arbitrary code on the underlying host system.
GitHub

someipy - A Python Library implementing the SOME/IP Protocol

If you want to connect, have a feature request, bug report or need support, send me an email or connect on LinkedIn: someipy is a Python library implementing the SOME/IP protocol, including the ...
GitHub

Polars + Bloomberg Open API

polars-bloomberg is a Python library that extracts Bloomberg's financial data directly into Polars DataFrames. If you’re a quant financial analyst, data scientist, or quant developer working in ...
InfoWorld

Rust 1.93 updates bundled musl library to boost networking

New Rust release brings major improvements to musl’s DNS resolver and tweaks the standard library to aid global allocators.