InfoWorld

13 new critical holes in JavaScript sandbox allow execution of arbitrary code

Thirteen critical vulnerabilities have been found in the vm2 JavaScript sandbox package that could allow an attacker’s code ...

Critical vm2 sandbox bug lets attackers execute code on hosts

A critical vulnerability in the popular Node.js sandboxing library vm2 allows escaping the sandbox and executing arbitrary ...
The New Yorker

When a Virus Is the Cure

Some years before Joseph Bunevacz came to America, and decades before he got sick, he taught the Beatles how to ski. Or so he told me when I visited him at his home, on the arid northeastern slopes of ...
Morning Overview on MSN

Malicious open-source packages have surged 73% in 2026 as attackers poison the software supply chain

In March 2026, someone hijacked a maintainer account for Axios, a JavaScript HTTP library downloaded more than 45 million ...