The Hacker News

Critical vm2 Node.js Flaw Allows Sandbox Escape and Arbitrary Code Execution

A critical vm2 Node.js vulnerability (CVE-2026-22709, CVSS 9.8) allows sandbox escape via Promise handler bypass.
Make Tech Easier

Chrome Slow on Windows 11? Disable Efficiency Mode for Faster Browsing

Does your Google Chrome browser feel slow on Windows 11? You can enjoy faster browsing by disabling Efficiency Mode ...
InfoQ

Google Releases Gemma 3 270M Variant Optimized for Function Calling on Mobile and Edge Devices

FunctionGemma is a new, lightweight version of the Gemma 3 270M model, fine-tuned to translate natural language into ...

Hackers can bypass npm’s Shai-Hulud defenses via Git dependencies

Koi security researchers found that when NPM installs a dependency from a Git repository, configuration files such as a ...

I used one simple script to remove AI from popular browsers (including Chrome and Firefox)

I used one simple script to remove AI from popular browsers (including Chrome and Firefox) ...

Builders FirstSource: Not Worth Shorting, Not Worth Getting Excited About Either

Builders FirstSource (BLDR) which provides building products and manufactured components for homebuilders, contractors and ...

Smurfit Westrock: 3 Reasons To Consider This Underperforming Packaging Specialist

Smurfit Westrock (SW) stock is lagging since its NYSE debut. Learn 3 overlooked reasons to stay bullish: margin upside, 3.97% ...

Critical sandbox escape flaw found in popular vm2 NodeJS library

A critical-severity vulnerability in the vm2 Node.js sandbox library, tracked as CVE-2026-22709, allows escaping the sandbox and executing arbitrary code on the underlying host system.