The Hacker News

Critical vm2 Node.js Flaw Allows Sandbox Escape and Arbitrary Code Execution

A critical vm2 Node.js vulnerability (CVE-2026-22709, CVSS 9.8) allows sandbox escape via Promise handler bypass.

Pubs and music venues to be handed business rates relief after government U-turn

Treasury minister Dan Tomlinson says pubs are a special case, but there's fury more widely over the further squeeze on bottom ...

Where AI browsers fall short

Unlike regular search engines, AI browsers suffer from algorithmic inconsistency due to their black-box nature — and even ...

IT’S NOT LIKE THAT : STREAM IT OR SKIP IT?

The new family drama It’s Not Like That, streaming on the Wonder Project add-on for Prime Video, carries on the tradition of family dramas that we’ve seen for decades, but with a tiny bit of faith ...

Hackers are using LLMs to build the next generation of phishing attacks

What if a phishing page was generated on the spot?
CSO Online

Unplugged holes in the npm and yarn package managers could let attackers bypass defenses against Shai-Hulud

A researcher at Koi Security says the two key platforms have not plugged the vulnerabilities enabling the worm attacks, and ...

I used one simple script to remove AI from popular browsers (including Chrome and Firefox)

Chrome, Edge, and Firefox are full of bloatware, with AI among the features most of us don't want. This free tool is your ticket back to the good old days.