InfoWorld

13 new critical holes in JavaScript sandbox allow execution of arbitrary code

Thirteen critical vulnerabilities have been found in the vm2 JavaScript sandbox package that could allow an attacker’s code ...
The Hacker News

vm2 Node.js Library Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution

CVE-2026-44009 (CVSS score: 9.8) - A vulnerability that allows sandbox escape via a null proto exception and permits an ...
CSO Online

Expired domain leads to supply chain attack on node-ipc npm package

Attackers performed an email takeover attack on a dormant maintainer account and published new node-ipc versions containing ...

Critical vm2 sandbox bug lets attackers execute code on hosts

A critical vulnerability in the popular Node.js sandboxing library vm2 allows escaping the sandbox and executing arbitrary ...

Latenode Launches Managed AI Automation Approach for Business Teams

Latenode, an AI workflow automation platform, today announced the launch of its managed AI automation approach for business teams that want workflows built, launched, and supported without handling ...
Analytics Insight

Top Web Development Books Every Developer Should Read in 2026

Overview:  AI coding tools are transforming software development, but strong programming fundamentals and system design ...

US says it has targeted Iranian military facilities after responding to attacks on navy ships

The US says it targeted Iranian "missile and drone launch sites; command and control locations; and intelligence, ...

AI Porting: Claude Rewrites Bun Codebase in Rust

The JavaScript and TypeScript server and bundler Bun will consist of Rust code in the future. Within weeks, Claude Code ...

Tycoon2FA hijacks Microsoft 365 accounts via device-code phishing

The Tycoon2FA phishing kit now supports device-code phishing attacks and abuses Trustifi click-tracking URLs to hijack ...

Asentum Unveils Post-Quantum Blockchain Testnet, Introducing a New Foundation for Secure and Accessible On-Chain Systems

Asentum is a new blockchain architecture that rethinks the assumptions underlying current networks. Rather than retrofitting legacy systems, Asentum is designed from genesis to address three emerging ...

Anthropic’s Bun Rust rewrite merged at speed of AI

A pull request with a Rust version of Anthropic’s Bun, a JavaScript toolkit and runtime originally written in Zig, has been ...
Decrypt

Hackers Insert Malware Into Mistral AI Software Download

Microsoft Threat Intelligence said attackers placed malicious code inside a Mistral AI download distributed through a Python ...