Bleeping Computer

Critical sandbox escape flaw found in popular vm2 NodeJS library

A critical-severity vulnerability in the vm2 Node.js sandbox library, tracked as CVE-2026-22709, allows escaping the sandbox and executing arbitrary code on the underlying host system. The open-source ...
The Hacker News

npm’s Update to Harden Their Supply Chain, and Points to Consider

First, people need to remember that the original attack on tools like ChalkJS was a successful MFA phishing attempt on npm’s ...
InfoWorld

Beyond NPM: What you need to know about JSR

Here's how the JavaScript Registry evolves makes building, sharing, and using JavaScript packages simpler and more secure ...
InfoQ

Nuxt Studio Released: Open Source CMS for Content Editing in Production

Introducing Nuxt Studio: the ultimate open-source content management solution for Nuxt websites, offering a powerful self-hosted module for complete control over your content. With an intuitive visual ...