The Hacker News

vm2 Node.js Library Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution

CVE-2026-44009 (CVSS score: 9.8) - A vulnerability that allows sandbox escape via a null proto exception and permits an ...

NodeSource Introduces N|Solid IDE to Solve the Broken Developer Workflow in the AI Era

AI now generates more than 50% of the world’s code, and growing. The tooling that catches what that code breaks in production was not made to keep up with that speed of delivery. NodeSource, the ...
Hosted on MSN

Node.js emerges as key hub for Google Gemini integration

Why Node.js matters: Its non-blocking architecture and rich ecosystem make Node.js ideal for scalable Gemini-powered ...
Analytics Insight

Top Web Development Books Every Developer Should Read in 2026

Overview:  AI coding tools are transforming software development, but strong programming fundamentals and system design ...

Protect your enterprise now from the Shai-Hulud worm and npm vulnerability in 6 actionable steps

TanStack had 2FA, OIDC publishing, and Sigstore provenance on every release. The Mini Shai-Hulud worm published 84 malicious ...
Decrypt

Hackers Insert Malware Into Mistral AI Software Download

Microsoft Threat Intelligence said attackers placed malicious code inside a Mistral AI download distributed through a Python ...

Iranian hackers targeted major South Korean electronics maker

The Iran-linked hacking group MuddyWater (a.k.a. Seedworm, Static Kitten) launched a broad cyber-espionage campaign targeting ...

Latenode Launches Managed AI Automation Approach for Business Teams

Latenode, an AI workflow automation platform, today announced the launch of its managed AI automation approach for business teams that want workflows built, launched, and supported without handling ...

Shai Hulud attack ships signed malicious TanStack, Mistral npm packages

Hundreds of packages across npm and PyPI have been compromised in a new Shai-Hulud supply-chain campaign delivering ...

Why enterprises are moving away from unified comms suites toward custom VoIP apps

For mоre than a decade, unified communications platforms promised a clean solution to a messy problem: bring voice, messaging ...
Dark Reading

Worm Redux: Fresh Mini Shai-Hulud Infections Bite Supply Chain

Hundreds of npm packages infected by the self-propagating, credential-stealing worm from TeamPCP are related to the open ...
The Hacker News

Fake OpenAI Privacy Filter Repo Hits #1 on Hugging Face, Draws 244K Downloads

Fake OpenAI Privacy Filter hit #1 on Hugging Face with 244,000 downloads, spreading infostealer malware to Windows users.