The Hacker News

vm2 Node.js Library Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution

CVE-2026-44009 (CVSS score: 9.8) - A vulnerability that allows sandbox escape via a null proto exception and permits an ...
Bleeping Computer

Critical flaw in Protobuf library enables JavaScript code execution

Proof-of-concept exploit code has been published for a critical remote code execution flaw in protobuf.js, a widely used JavaScript implementation of Google's Protocol Buffers. The tool is highly ...

Critical vm2 sandbox bug lets attackers execute code on hosts

A critical vulnerability in the popular Node.js sandboxing library vm2 allows escaping the sandbox and executing arbitrary ...
CSO Online

13 new critical holes in JavaScript sandbox allow execution of arbitrary code

Thirteen critical vulnerabilities have been found in the vm2 JavaScript sandbox package that could allow an attacker’s code ...
KHOU 11

GUTEY'S GUYS: Texas A&M OL Trey Zuhn III is the most Packery offensive lineman in the 2026 NFL draft

GUTEY'S GUYS: Texas A&M OL Trey Zuhn III is the most Packery offensive lineman in the 2026 NFL draft To stream KHOU 11 on your phone, you need the KHOU 11 app.
KING5

GUTEY'S GUYS: Texas A&M OL Trey Zuhn III is the most Packery offensive lineman in the 2026 NFL draft

It was inevitable that Zach Tom would be a Packer. It feels that way with Texas A&M OL Trey Zuhn III this year. He's the most Packersy offensive lineman in the draft ...
The New York Times

Libraries and Librarians

Yale’s Bicentennial Schlock collection offers a window into the star-spangled commercialism that swept the country 50 years ago. By Jennifer Schuessler and Tony Cenicola Barack and Michelle Obama ...
Morning Overview on MSN

Malicious open-source packages have surged 73% in 2026 as attackers poison the software supply chain

In March 2026, someone hijacked a maintainer account for Axios, a JavaScript HTTP library downloaded more than 45 million ...