The Hacker News

Fake Python Spellchecker Packages on PyPI Delivered Hidden Remote Access Trojan

Two fake spellchecker packages on PyPI hid a Python RAT in dictionary files, activating malware on import in version 1.2.0.
The Hacker News

Critical Grist-Core Vulnerability Allows RCE Attacks via Spreadsheet Formulas

A critical Grist-Core flaw (CVE-2026-24002, CVSS 9.1) allows remote code execution through malicious formulas when Pyodide ...
Hackaday

Writing An Optimizing Tensor Compiler From Scratch

Not everyone will write their own optimizing compiler from scratch, but those who do sometimes roll into it during the course ...
Hackaday

Hackaday Podcast Episode 355: Person Detectors, Walkie Talkies, Open Smartphones, And A WiFi Traffic Light

Another chilly evening in Western Europe, as Elliot Williams is joined this week by Jenny List to chew the fat over the ...

New sandbox escape flaw exposes n8n instances to RCE attacks

Two vulnerabilities in the n8n workflow automation platform could allow attackers to fully compromise affected instances, access sensitive data, and execute arbitrary code on the underlying host.

Panera Bread breach: ShinyHunters claims hack of 14 million customers' data

Should we trust companies with our private data? It's a question some shoppers are asking following high-profile customer data breaches.