The Hacker News

Critical vm2 Node.js Flaw Allows Sandbox Escape and Arbitrary Code Execution

A critical vm2 Node.js vulnerability (CVE-2026-22709, CVSS 9.8) allows sandbox escape via Promise handler bypass.

Italian government plays down role of ICE agents at Olympics after public outcry

Officers at Milan Cortina Games will work ‘exclusively in diplomatic premises’ at U.S. consulate, minister says ...