The Hacker News

Critical vm2 Node.js Flaw Allows Sandbox Escape and Arbitrary Code Execution

A critical vm2 Node.js vulnerability (CVE-2026-22709, CVSS 9.8) allows sandbox escape via Promise handler bypass.
The Caledonian-Record

UnionPay Enables 25 International Wallets to Support Weixin Pay QR Code in China’ Mainland

SHANGHAI, CHINA - Media OutReach Newswire - 28 January 2026 - When Thai tourist Naree visited Shanghai, she paid easily for ...

Greenberg appoints Donald Robinson Jr. to lead Louisville codes department

The former deputy director is returning to Metro Government to lead the department at the center of Louisville’s development ...

RenderATL 2026 to Host OpenJS Summit: Spotlighting the Future of JavaScript

Additional details for RenderATL 2026 and the OpenJS Summit, including programming themes and speaker participation, will be announced in the coming months. For more information about RenderATL, ...

Supreme Court to decide how 1988 videotape privacy law applies to online video

The Supreme Court is taking up a case on whether Paramount violated the 1988 Video Privacy Protection Act (VPPA) by ...

Critical sandbox escape flaw discovered in popular vm2 NodeJS library

A critical-severity vulnerability in the vm2 Node.js sandbox library, tracked as CVE-2026-22709, allows escaping the sandbox and executing arbitrary code on the underlying host system.
CSO Online

AI-powered polymorphic attack lures victims to phishing webpages

A new breed of malware uses various dynamic techniques to avoid detection and create customized phishing webpages.

Hackers are using LLMs to build the next generation of phishing attacks

What if a phishing page was generated on the spot?

Hackers can bypass npm’s Shai-Hulud defenses via Git dependencies

Koi security researchers found that when NPM installs a dependency from a Git repository, configuration files such as a ...

These were the hottest housing markets in New York City's outer boroughs in Q4

One local ZIP code emerged as the hottest housing market in Q4, with homes selling faster and prices showing stronger ...

Farhad Manjoo

Find the latest Farhad Manjoo news from Fast company. See related business and technology articles, photos, slideshows and ...

Yottaa Launches Industry-First MCP Server Purpose-Built for eCommerce Performance Intelligence

Yottaa, the leading cloud platform for accelerating and optimizing eCommerce experiences, today announced the launch of its Model Context Protocol (MCP) server--making Yottaa the first ...