Critical sandbox escape flaw found in popular vm2 NodeJS library

A critical-severity vulnerability in the vm2 Node.js sandbox library, tracked as CVE-2026-22709, allows escaping the sandbox and executing arbitrary code on the underlying host system.

Jack Smith testifies to lawmakers about his investigations into Trump - BBC News

Jack Smith testifies before the House Judiciary Committee about his criminal investigations into US President Donald Trump, telling the hearing he has no partisan loyalties and hi ...
The Hacker News

GootLoader Malware Uses 500–1,000 Concatenated ZIP Archives to Evade Detection

GootLoader malware is abusing malformed ZIP archives that bypass common tools like WinRAR & deliver JavaScript payloads via ...

Hollyoaks confirms race to save Ste as Lucas takes shocking revenge

The situation escalated further when Lucas uncovered the shocking truth that Ste had been sleeping with Dillon Ray ( ...
GitHub

Modern JavaScript runtime in Python

Note: jsrun is under development. Expect breaking changes between minor versions. One of the most compelling use cases for jsrun is building safe execution environments for AI agents. When LLMs ...
IEEE

Study of JavaScript Static Analysis Tools for Vulnerability Detection in Node.js Packages

Abstract: With the emergence of the Node.js ecosystem, JavaScript has become a widely used programming language for implementing server-side web applications. In this article, we present the first ...
GitHub

A very much Pandas-like JavaScript library for data science

Jandas is designed to have very similar indexing experience as Pandas. It implements DataFrame, Series and Index classes in TypeScript and supports position- and label-based indexing. Unlike Pandas ...
heise online

Notepad++ Update to clean up self-signed certificate remnants

The powerful and popular open-source text editor Notepad++ made headlines in early December, as attackers in Southeast Asia were specifically injecting malware to victims, partly due to the use of ...