The vm2 sandbox component of the open-source JavaScript runtime environment Node.js is vulnerable with certain settings.

CVE-2026-44009 (CVSS score: 9.8) - A vulnerability that allows sandbox escape via a null proto exception and permits an ...

A critical vulnerability in the popular Node.js sandboxing library vm2 allows escaping the sandbox and executing arbitrary ...

Popular channel offering practical Node.js tutorials, REST API projects, and backend fundamentals with clear explanations ...

Earn these JavaScript certs to demonstrate mastery of the most in-demand skills for the world’s most-used programming ...

Node.js does not need more theatrical security output. It needs better developer workflow infrastructure. It needs tools that ...

The open-source framework introduces an experimental animation backend and outsources the Jest testing framework into its own package.

The threat actor behind the Axios supply chain attack has been aiming at other maintainers in its social engineering campaign. After inviting Saayman to a Slack workspace, the hackers scheduled a ...

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...

So, you’re building a web app and trying to figure out if React or Vue.js is the way to go in 2026. It’s a big decision, and honestly, it can feel a bit overwhelming with all the options out there.