Critical sandbox escape flaw discovered in popular vm2 NodeJS library

A critical-severity vulnerability in the vm2 Node.js sandbox library, tracked as CVE-2026-22709, allows escaping the sandbox and executing arbitrary code on the underlying host system.

Automated Accessibility Testing on the Web: Possibilities and Limitations

Tools can help check the accessibility of web applications – but human understanding is required in many areas.
IEEE

Optimizing Pre-Trained Code Embeddings With Triplet Loss for Code Smell Detection

Abstract: Code embedding represents code semantics in vector form. Although code embedding-based systems have been successfully applied to various source code analysis tasks, further research is ...
The Hacker News

North Korea-Linked Hackers Target Developers via Malicious VS Code Projects

North Korean hackers abuse Visual Studio Code task files in fake job projects to deploy backdoors, spyware, and crypto miners ...
IEEE

CHARON: Polyglot Code Analysis for Detecting Vulnerabilities in Scripting Languages Native Extensions

Abstract: Scripting languages like Python or JavaScript are extremely popular among developers, in part due to their massive open-source ecosystems that enable smooth code reuse. However, recent work ...
The Caledonian-Record

Omniscient Secures New CPT® Code for Connectomic Analysis, Validating the Clinical Utility of ...

Omniscient (“o8t®”), a global pioneer in the use of AI to decode the human brain, today announced the issuance of a new Category ...
tech-critter.com

Aikido vs SonarQube: Code Quality vs Full-Stack Application Security

Writing clean, bug-free code is a point of pride for any developer. For decades, tools that measure code quality have been a staple of the software development lifecycle, helping teams eliminate bugs, ...