The Hacker News

Critical vm2 Node.js Flaw Allows Sandbox Escape and Arbitrary Code Execution

A critical vm2 Node.js vulnerability (CVE-2026-22709, CVSS 9.8) allows sandbox escape via Promise handler bypass.

Critical sandbox escape flaw found in popular vm2 NodeJS library

A critical-severity vulnerability in the vm2 Node.js sandbox library, tracked as CVE-2026-22709, allows escaping the sandbox and executing arbitrary code on the underlying host system.

Derbyshire council to stop using Twitter after dubbing it 'vile platform'

It has been using the social media platform since 2010 but will now end that use as soon as possible ...
PCMag

Using Browser Extensions to Translate or Download Videos? Better Check They're Not One of These 17 Malicious Add-Ons

The most popular malicious extension, dubbed Google Translate in Right Click, was downloaded more than 500,000 times from app ...
The Roanoke Times

TikTok finalizes deal to form new American entity

TikTok finalized a deal to create a new American entity, avoiding the looming threat of a ban in the United States that was ...
NBC News

Senators urged Apple and Google to remove Musk’s X and Grok from app stores over sexual deepfakes

Three Democratic senators urged Apple and Google to remove Elon Musk’s apps X and Grok from their app stores Thursday evening after xAI’s Grok artificial intelligence tool had been used to flood X ...
wvlt

Joey Aguilar had surgery to remove benign tumor, report says

KNOXVILLE, Tenn. (WVLT) - Tennessee QB1 Joey Aguilar had surgery Friday to remove a benign tumor from his arm, according to NFL Network’s Ian Rapoport. Rapoport, citing sources, said the tumor was ...