The Hacker News

Critical vm2 Node.js Flaw Allows Sandbox Escape and Arbitrary Code Execution

A critical vm2 Node.js vulnerability (CVE-2026-22709, CVSS 9.8) allows sandbox escape via Promise handler bypass.
Le Lézard

RenderATL 2026 to Host OpenJS Summit: Spotlighting the Future of JavaScript

RenderATL, the leading tech conference merging innovation, culture, and code, today announced a first-of-its-kind collaboration with the OpenJS Foundation to host a dedicated OpenJS Summit at ...
The Hacker News

⚡ Weekly Recap: Proxy Botnet, Office Zero-Day, MongoDB Ransoms, AI Hijacks & New Threats

This week’s cybersecurity recap highlights key attacks, zero-days, and patches to keep you informed and secure.

OpenAI picks up pace against Claude Code with new Codex desktop app

By launching a desktop app, OpenAI is catching up to Anthropic’s popular Claude Code, which already offered a macOS version. Whether the desktop app makes sense compared to the existing interfaces ...
SecurityWeek

N8n Vulnerabilities Could Lead to Remote Code Execution

Two vulnerabilities in n8n’s sandbox mechanism could be exploited for remote code execution (RCE) on the host system.

Husband testifies he did not plot wife’s killing in double murder trial connected to au pair affair

A man charged with killing his wife and another man testifying in his case about his relationship with his family's au pair ...

Banfield Found Guilty in Virginia Double Murder Trial

Prosecutors said Brendan Banfield carried out an elaborate scheme using a fetish website in 2023 to kill his wife and another man.