The Hacker News

vm2 Node.js Library Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution

CVE-2026-44009 (CVSS score: 9.8) - A vulnerability that allows sandbox escape via a null proto exception and permits an ...
LGBTQ NationOpinion

Trump’s new counterterrorism strategy focuses on combatting transgender “ideology”

The Trump Administration released a national counterterrorism strategy on Wednesday that newly targets so-called ...
5PillarsOpinion

The weaponisation of antisemitism to suppress pro-Palestine solidarity

FacebookLikeShareTweetEmail Recent antisemitic attacks in north London have reignited debate over hate crime and public ...
Morning Overview on MSN

Malicious open-source packages surge 73% in 2026 as threat actors weaponize the software supply chain

In the first five months of 2026, security researchers have flagged more malicious packages on the npm registry than in all ...

Ukraine hits key Russian oil-loading port and 3 ‘shadow fleet’ tankers

Ukraine has launched a wave of strikes against Russia’s oil export infrastructure, hitting a key loading port on the Baltic ...

The never-ending supply chain attacks worm into SAP npm packages, other dev tools

The wave of supply chain attacks aimed at security and developer tools has washed up more victims, namely SAP and Intercom ...

What Happens in the First 24 Hours After a New Asset Goes Live

When a new asset goes live, attackers start scanning within minutes. Sprocket Security shows how automated attacks move from ...