The vm2 sandbox component of the open-source JavaScript runtime environment Node.js is vulnerable with certain settings.

CVE-2026-44009 (CVSS score: 9.8) - A vulnerability that allows sandbox escape via a null proto exception and permits an ...

Thirteen critical vulnerabilities have been found in the vm2 JavaScript sandbox package that could allow an attacker’s code ...

A critical vulnerability in the popular Node.js sandboxing library vm2 allows escaping the sandbox and executing arbitrary ...

Earn these JavaScript certs to demonstrate mastery of the most in-demand skills for the world’s most-used programming language.

Dr. James McCaffrey presents a complete end-to-end demonstration of linear regression using JavaScript. Linear regression is the simplest machine learning technique to predict a single numeric value, ...

The LeakNet ransomware gang is now using the ClickFix technique for initial access into corporate environments and deploys a malware loader based on the open-source Deno runtime for JavaScript and ...

The MarketWatch News Department was not involved in the creation of this content. -- ThreatDown's EDR team discovered a sophisticated, multi-stage attack chain during an active investigation; the ...

ThreatDown’s EDR team discovered a sophisticated, multi-stage attack chain during an active investigation; the first documented case of attackers abusing the Deno runtime as a malware execution ...