CSO Online

13 new critical holes in JavaScript sandbox allow execution of arbitrary code

Thirteen critical vulnerabilities have been found in the vm2 JavaScript sandbox package that could allow an attacker’s code ...
ZDNet

Hackers are disguising their malicious JavaScript code with a hard-to-beat trick

Over 25% of malicious JavaScript code is obfuscated by so-called 'packers', a software packaging method that has given attackers a way of evading signature-based detection, according to security and ...
The Hacker News

vm2 Node.js Library Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution

CVE-2026-44009 (CVSS score: 9.8) - A vulnerability that allows sandbox escape via a null proto exception and permits an ...
TWCN Tech News

How to install JavaScript in VSCode

Visual Studio Code is a code editor that is completely free and open-source. It has been developed by Microsoft and is highly regarded by developers due to its lightweight, fast, and extensible design ...
Hosted on MSN

Level up your AP CSP projects with JavaScript skills

Why it matters: JavaScript lets AP CSP students design interactive projects that clearly meet rubric criteria and engage users. Where to start: Code.org’s App Lab offers AP CSP-aligned tools, while ...
InfoWorld

How to gracefully migrate your JavaScript programs to TypeScript

TypeScript is a variant of JavaScript that provides strong type information, a powerful development tool that minimizes bugs and makes JavaScript programs easier to build in enterprise settings.
9to5Mac

Developer creates tool that shows injected JavaScript commands through an in-app browser

A few days ago, developer Felix Krause shared a detailed report on how mobile apps can use their own in-app web browser to track user data. Now Krause is back with a new tool that lets anyone see ...

Critical vm2 sandbox bug lets attackers execute code on hosts

A critical vulnerability in the popular Node.js sandboxing library vm2 allows escaping the sandbox and executing arbitrary ...