InfoWorld

13 new critical holes in JavaScript sandbox allow execution of arbitrary code

Thirteen critical vulnerabilities have been found in the vm2 JavaScript sandbox package that could allow an attacker’s code ...

Critical vm2 sandbox bug lets attackers execute code on hosts

A critical vulnerability in the popular Node.js sandboxing library vm2 allows escaping the sandbox and executing arbitrary ...
The Hacker News

vm2 Node.js Library Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution

CVE-2026-44009 (CVSS score: 9.8) - A vulnerability that allows sandbox escape via a null proto exception and permits an ...
InfoWorld

The best JavaScript certifications for getting hired

Earn these JavaScript certs to demonstrate mastery of the most in-demand skills for the world’s most-used programming ...

Windows 11 still runs on code from the 1990s, Microsoft admits

Microsoft's Win32 API dates back to Windows 95, and a senior exec says nobody expected it to still be essential in 2026.

The ZIP codes where the average home price has soared past $2M

ZIP codes across the country have seen their average sale price soar since the pandemic.
IT News For Australia Business

'ClickFix' attack tricks users into hacking themselves, ACSC warns

The Australian Cyber Security Centre (ACSC) has stepped in to warn users of an active attack campaign targeting Windows users ...

What’s a coding course for in the age of AI? Maybe not learning to write it

Intro to Programming courses at NC State still have a no-AI policy. Heckman and Roberts are committed to that, unlike Jordan.
Developer Tech

AI coding tools write more code, but developers carry the risk

OpenAI president Greg Brockman says AI coding tools can write up to 80% of code, but human review and security checks still ...

Official White House app contains code to bypass GDPR banners and paywalls

The app contains multiple features that have sounded alarm bells in this security researcher's analysis.
CSO Online

More fake extensions linked to GlassWorm found in Open VSX code marketplace

The threat actor seeding the Open VSX code marketplace with fraudulent extensions that download the GlassWorm malware has ...

Google’s Mueller: Vibe Coding Won’t Handle Your SEO For You

Google's John Mueller and Martin Splitt shared their vibe coding experiences, noting that AI tools still need specific SEO ...