The Hacker News

Critical vm2 Node.js Flaw Allows Sandbox Escape and Arbitrary Code Execution

A critical vm2 Node.js vulnerability (CVE-2026-22709, CVSS 9.8) allows sandbox escape via Promise handler bypass.

Critical sandbox escape flaw found in popular vm2 NodeJS library

A critical-severity vulnerability in the vm2 Node.js sandbox library, tracked as CVE-2026-22709, allows escaping the sandbox and executing arbitrary code on the underlying host system.
GitHub

Running async execute in the python backend the correct way

So for reasons of concurrency I rely on the async execute of the python backend. I read through all of your examples and while my solution works, I wonder what the "correct" way to do this is? I ...
Hosted on MSN

How Tesla’s robotaxi plans are starting to take shape

Tesla has shared new details about its Robotaxi service as Full Self-Driving moves closer to approval in Europe. This video breaks down what was actually said—and what wasn’t. Elon Musk also offered a ...
The Hacker News

New Malware Campaign Delivers Remcos RAT Through Multi-Stage Windows Attack

Cybersecurity researchers have disclosed details of a new campaign dubbed SHADOW#REACTOR that employs an evasive multi-stage attack chain to deliver a commercially available remote administration tool ...
IEEE

CAIS: Fine-Grained Controllable Adversarial Attacks for Instance Segmentation in Uncrewed Systems

Abstract: The threat of adversarial attacks on artificial intelligence in uncrewed systems has raised significant concerns regarding security. At a finer granularity, target-level adversarial attacks ...
The Verge

Musk says he’s going to open-source the new X algorithm next week

He open-sourced Twitter’s algorithm back in 2023, but then never updated the GitHub. He open-sourced Twitter’s algorithm back in 2023, but then never updated the GitHub. is the Verge’s weekend editor.