The Hacker News

vm2 Node.js Library Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution

CVE-2026-44009 (CVSS score: 9.8) - A vulnerability that allows sandbox escape via a null proto exception and permits an ...

Critical vm2 sandbox bug lets attackers execute code on hosts

A critical vulnerability in the popular Node.js sandboxing library vm2 allows escaping the sandbox and executing arbitrary ...

Greensboro, Winston-Salem top region's hottest housing markets in Q1 2026

Preview this article 1 min Multiple neighborhoods in Greensboro and Winston-Salem saw strong sales momentum in Q1 2026. NC's ...

St. Johns County food truck park wins appeal to reopen after code enforcement shutdown

The park has been shut down over code violations, but commissioners were eager to see operations restart once some minor ...
InfoWorld

SAP npm package attack highlights risks in developer tools and CI/CD pipelines

Researchers say the campaign targeted developer credentials and cloud secrets while abusing trusted publishing and AI coding ...

The Last Class That Needed To Code Just Graduated

The keynote sound bite that everybody in the world could be a programmer is now a reality that people are living.
Developer Tech

AI coding tools write more code, but developers carry the risk

OpenAI president Greg Brockman says AI coding tools can write up to 80% of code, but human review and security checks still ...

Anthropic reaches deal with SpaceX to tap into computing resources in AI push

The deal gives the IPO-bound SpaceX a marquee customer as it looks to sell investors on its AI ambitions, while helping ...
The Register-Herald

Met Gala guests take artistic liberties with dress code

Fashion biggest night is making a statement this year with its dress code, “Fashion is art." Global Editorial Director of ...
The Hacker News

PyTorch Lightning and Intercom-client Hit in Supply Chain Attacks to Steal Credentials

Malicious Lightning 2.6.2/2.6.3 released April 30 enable credential theft via hidden payload, leading to PyPI quarantine and ...
Cryptopolitan on MSN

Malicious SAP npm packages target crypto wallet data

Four npm packages linked to SAP's Cloud Application Programming Model were hijacked. The hackers added code that steals ...