Two fake spellchecker packages on PyPI hid a Python RAT in dictionary files, activating malware on import in version 1.2.0.

This is an edition of The Atlantic Daily, a newsletter that guides you through the biggest stories of the day, helps you discover new ideas, and recommends the best in culture. Sign up for it here.

Remove the deprecated read_parquet_bulk API and its associated ParquetBulkDatasource class. The API was deprecated with a warning indicating removal after May 2025, and that deadline has passed. The ...

Dear Polars maintainers, thank you very much for all your hard work and for developing such a great tool. I am currently facing a minor yet annoying issue and wanted to share it for feedback. I have a ...

A proof-of-concept exploit tool has been publicly released for a maximum severity Apache Parquet vulnerability, tracked as CVE-2025-30065, making it easy to find vulnerable servers. The tool was ...

A flaw in code for handling Parquet, Apache’s open-source columnar data file format, allows attackers to run arbitrary code on vulnerable instances. The vulnerability, tracked as CVE-2025-30065, is a ...

A maximum severity remote code execution (RCE) vulnerability has been discovered impacting all versions of Apache Parquet up to and including 1.15.0. The problem stems from the deserialization of ...

The newly approved Python Enhancement Proposal 751 gives Python a standard lock file format for specifying the dependencies of projects. Here’s the what, why, and when. Python Enhancement Proposal ...

Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with content, and download exclusive resources. In this episode, Thomas Betts chats with ...