The Hacker News

vm2 Node.js Library Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution

CVE-2026-44009 (CVSS score: 9.8) - A vulnerability that allows sandbox escape via a null proto exception and permits an ...

Wendy's update: 1,000 new China restaurants, U.S. closings and Minions collaboration

Wendy's announces wave of closures as sales slip Wendy's names new president for U.S. Wendy's names new president for U.S. © ...

Critical vm2 sandbox bug lets attackers execute code on hosts

A critical vulnerability in the popular Node.js sandboxing library vm2 allows escaping the sandbox and executing arbitrary ...

Adobe Issues Emergency Patch for Critical PDF Flaw Exploited For Months

Adobe patches a critical PDF flaw exploited for months, allowing attackers to bypass sandbox protections and deliver malware. Users urged to update now.

What actually matters to your personal finances in Ottawa’s spring economic update

There are no huge windfalls in store for taxpayers, but there are a few changes that take a bit of pressure off the ...

Starmer says he will 'not yield' to pressure from Trump over Iran war

It's the first PMQs after a two-week break for the Commons, with the impact of the US-Israel war with Iran likely to feature.

Politics Insider: Ottawa releases economic update with billions in new spending

Finance Minister François-Philippe Champagne released a spring economic statement today that accounts for more than ...

TikTok scales back AI-generated video descriptions after absurd errors

TikTok has rowed back on an AI feature which incorrectly summarised some videos on the platform, including claiming a ...

Claude Opus wrote a Chrome exploit for $2,283

In a blog post on Wednesday, Mohan Pedhapati (s1r1us), CTO of Hacktron, described how he used Opus 4.6 to create a full ...

Node.js 25: Escapes from JavaScript sandbox vm2 conceivable

The vm2 sandbox component of the open-source JavaScript runtime environment Node.js is vulnerable with certain settings.