CSO Online

Critical bug in popular vm2 Node.js sandboxing library puts projects at risk

Sandbox escape vulnerability in vm2, used by nearly 900 NPM packages, allows attackers to bypass security protections and ...
The Hacker News

Critical vm2 Node.js Flaw Allows Sandbox Escape and Arbitrary Code Execution

A critical vm2 Node.js vulnerability (CVE-2026-22709, CVSS 9.8) allows sandbox escape via Promise handler bypass.

Video: Heckler objects to swearing in of first female Archbishop of Canterbury

Dame Sarah Mullally has officially taken up the post as Archbishop of Canterbury following a service in St Paul's Cathedral that was briefly interrupted by a heckler.

Watch: Protesters object to scrapped election

Councillors were greeted by protesters ahead of a meeting in Norwich following the decision to scrap this year's local elections. Reform UK, which organised the protest of about 30 people ahead of the ...
The Hacker News

China-Linked Hackers Have Used the PeckBirdy JavaScript C2 Framework Since 2023

Experts details PeckBirdy, a JavaScript C2 framework used since 2023 by China-aligned attackers to spread malware via fake ...
InfoWorld

TypeScript levels up with type stripping

Say goodbye to source maps and compilation delays. By treating types as whitespace, modern runtimes are unlocking a “no-build” TypeScript that keeps stack traces accurate and workflows clean.