Fireship on MSN

The JavaScript ecosystem didn’t see this coming

Anthropic’s move into the JavaScript ecosystem surprised almost everyone. Buying a popular runtime isn’t just a tooling ...

Critical sandbox escape flaw discovered in popular vm2 NodeJS library

A critical-severity vulnerability in the vm2 Node.js sandbox library, tracked as CVE-2026-22709, allows escaping the sandbox and executing arbitrary code on the underlying host system.