The Hacker News

Critical vm2 Node.js Flaw Allows Sandbox Escape and Arbitrary Code Execution

A critical vm2 Node.js vulnerability (CVE-2026-22709, CVSS 9.8) allows sandbox escape via Promise handler bypass.
Analytics Insight

5 Online Beginner Courses with Certificates and Guided Projects in 2026

If you want your skills to show up in real work, you need more than theory. Guided projects help you move from “I watched a course” to “here is what I built and ...
MIT Technology Review

Rules fail at the prompt, succeed at the boundary

Why the first AI-orchestrated espionage campaign changes the agent security conversation Provided byProtegrity From the ...

Critical sandbox escape flaw discovered in popular vm2 NodeJS library

A critical-severity vulnerability in the vm2 Node.js sandbox library, tracked as CVE-2026-22709, allows escaping the sandbox and executing arbitrary code on the underlying host system.

OpenAI spills technical details about how its AI coding agent works

On Friday, OpenAI engineer Michael Bolin published a detailed technical breakdown of how the company’s Codex CLI coding agent ...