The Hacker News

Critical vm2 Node.js Flaw Allows Sandbox Escape and Arbitrary Code Execution

A critical vm2 Node.js vulnerability (CVE-2026-22709, CVSS 9.8) allows sandbox escape via Promise handler bypass.

Clippers beat the Jazz 115-103 behind Leonard’s 25th straight game with more than 20 points

Kawhi Leonard scored 21 points, James Harden had 16 points and 10 assists, and the Los Angeles Clippers beat the Utah Jazz ...

Brunson, Knicks use a big fourth quarter to beat the Kings 103-87 for their 3rd straight win

Jalen Brunson scored 28 points and the New York Knicks dominated the fourth quarter to beat the Sacramento Kings 103-87 for their third straight victory.
GitHub

Keycloak JS

Keycloak is an Open Source Identity and Access Management solution for modern Applications and Services. This repository contains the client-side JavaScript library that can be used to secure web ...
The Malaysian Reserve

RenderATL 2026 to Host OpenJS Summit: Spotlighting the Future of JavaScript

Dedicated single-track experience connects developers, maintainers, and technical leaders for hands-on learningATLANTA, Jan.
The Hacker News

China-Linked Hackers Have Used the PeckBirdy JavaScript C2 Framework Since 2023

Experts details PeckBirdy, a JavaScript C2 framework used since 2023 by China-aligned attackers to spread malware via fake ...
GitHub

A modest JavaScript framework for the HTML you already have

Stimulus is a JavaScript framework with modest ambitions. It doesn't seek to take over your entire front-end—in fact, it's not concerned with rendering HTML at all. Instead, it's designed to augment ...

New Android malware uses AI to click on hidden browser ads

A new family of Android click-fraud trojans leverages TensorFlow machine learning models to automatically detect and interact ...