The Hacker News

Critical vm2 Node.js Flaw Allows Sandbox Escape and Arbitrary Code Execution

A critical vm2 Node.js vulnerability (CVE-2026-22709, CVSS 9.8) allows sandbox escape via Promise handler bypass.
The Hacker News

Fake Python Spellchecker Packages on PyPI Delivered Hidden Remote Access Trojan

Two fake spellchecker packages on PyPI hid a Python RAT in dictionary files, activating malware on import in version 1.2.0.

Cubs agree to minor league contracts with outfielder Chas McCormick and reliever Trent Thornton

The Chicago Cubs have agreed to minor league contracts with outfielder Chas McCormick and reliever Trent Thornton that ...

Cody Bellinger is excited to rejoin the New York Yankees after a lengthy free agency

NEW YORK (AP) — Cody Bellinger listened to pitches from other teams during his second foray into free agency, but he made it clear to his agent that calls from the New York Yankees come first. It took ...
Indianapolis Business Journal

Tesla made smallest annual profit since pandemic, plans to spend big on robotaxis and robots

Founder Elon Musk has been urging investors to focus less on car sales and more on what he considers a bright new artificial ...
InfoQ

.NET 10 Becomes Available on AWS Lambda as Managed Runtime and Base Image

Amazon Web Services has announced that AWS Lambda now supports the creation of serverless applications using .NET 10. With this update, developers can use .NET 10 both as a managed runtime and as a ...