The Hacker News

vm2 Node.js Library Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution

CVE-2026-44009 (CVSS score: 9.8) - A vulnerability that allows sandbox escape via a null proto exception and permits an ...
InfoWorld

13 new critical holes in JavaScript sandbox allow execution of arbitrary code

Thirteen critical vulnerabilities have been found in the vm2 JavaScript sandbox package that could allow an attacker’s code ...

Critical vm2 sandbox bug lets attackers execute code on hosts

A critical vulnerability in the popular Node.js sandboxing library vm2 allows escaping the sandbox and executing arbitrary ...

Gaza documentary makers dare BBC to cut their Baftas speech after impartiality row

Speaking during the Too Hot To Handle: The Future of Political Documentaries panel, he said the BBC was ‘racist’ in its ...

How to perform web scraping at scale

Web scraping is a process that extracts massive amounts of data from websites automatically, with a scraper collecting thousands of data points in a matter of seconds. It grabs the Hypertext Markup ...
Opinion

How AI can lead to false arrests and wrongful convictions

In Baltimore on Oct. 20, 2025, a 17-year-old student named Taki Allen was sitting outside his high school after football practice when an artificial intelligence-enhanced surveillance camera falsely ...

Adolescence makes history at Bafta TV Awards

Netflix drama Adolescence was the big winner at the Bafta Television Awards on Sunday, while The Celebrity Traitors and Last ...
InfoQ

GitHub Enhances CodeQL with Declarative Security Modeling for Faster, More Flexible Analysis

GitHub has introduced a significant update to its CodeQL engine, enabling developers to define custom sanitizers and ...
Windows Latest

Microsoft admits Windows 11 is still built on 90s-era Win32, and no one saw it coming

Microsoft admits it didn't expect Win32 to survive until 2026. After years of RAM-heavy web apps, Windows 11 is going back to ...

A runner’s guide to understanding heart rate variability

Heart rate variability has become one of the more curious metrics to emerge from the age of wrist-worn running trackers that, ...

Canada built the foundation of AI. Now let’s own what comes next

Valérie Pisano is president and chief executive at Mila. Mark Surman is president at Mozilla.
Morning Overview on MSN

Malicious open-source packages have surged 73% in 2026 as attackers poison the software supply chain

In March 2026, someone hijacked a maintainer account for Axios, a JavaScript HTTP library downloaded more than 45 million ...