The Hacker News

Critical vm2 Node.js Flaw Allows Sandbox Escape and Arbitrary Code Execution

A critical vm2 Node.js vulnerability (CVE-2026-22709, CVSS 9.8) allows sandbox escape via Promise handler bypass.
The Hacker News

Fake Python Spellchecker Packages on PyPI Delivered Hidden Remote Access Trojan

Two fake spellchecker packages on PyPI hid a Python RAT in dictionary files, activating malware on import in version 1.2.0.

QB Darian Mensah joins Miami Hurricanes after legal battle with Duke

Darian Mensah has enrolled at Miami, giving the Hurricanes another standout transfer at quarterback as they come off a season ...
ScanNetSecurity

binary-parser ライブラリにコードインジェクションの脆弱性

独立行政法人情報処理推進機構(IPA)および一般社団法人JPCERT コーディネーションセンター(JPCERT/CC)は1月23日、binary-parserライブラリにおけるコードインジェクションの脆弱性について「Japan ...

OWGR set to meet this week. A decision whether to let in LIV Golf could be near

SAN DIEGO (AP) — The LIV Golf League added to its roster by signing NCAA champion Michael La Sasso. It also removed from its ...
Indianapolis Business Journal

Marion County Prosecutor Ryan Mears launches reelection bid

Speaking to reporters Tuesday, the Indianapolis Democrat was coy about the prospect of a potential mayoral run in 2027.
InfoQ

.NET 10 Becomes Available on AWS Lambda as Managed Runtime and Base Image

Amazon Web Services has announced that AWS Lambda now supports the creation of serverless applications using .NET 10. With this update, developers can use .NET 10 both as a managed runtime and as a ...