Critical sandbox escape flaw discovered in popular vm2 NodeJS library

A critical-severity vulnerability in the vm2 Node.js sandbox library, tracked as CVE-2026-22709, allows escaping the sandbox and executing arbitrary code on the underlying host system.

Hackers can bypass npm’s Shai-Hulud defenses via Git dependencies

Koi security researchers found that when NPM installs a dependency from a Git repository, configuration files such as a ...
GitHub

GopherJS - A compiler from Go to JavaScript

GopherJS compiles Go code (go.dev) to pure JavaScript code. Its main purpose is to give you the opportunity to write front-end code in Go which will still run in all browsers. Nearly everything, ...
GitHub

Dash-Industry-Forum/dash.js

dash.js is a JavaScript based implementation for the playback of MPEG DASH content in browser based environments that support the Media Source Extensions and the Encrypted Media Extensions.