JavaScript Sandbox vm2: Critical Vulnerability Allows Escape

The JavaScript sandbox vm2 for Node.js was actually discontinued. Now an update closes a critical security vulnerability.
The Hacker News

CERT/CC Warns binary-parser Bug Allows Node.js Privilege-Level Code Execution

A flaw in the binary-parser npm package before version 2.3.0 lets attackers execute arbitrary JavaScript via unsanitized ...
How-To Geek on MSN

Please stop over-coding your website: Use these 8 native HTML tags instead

These tags add menus, toggles, media, forms, and responsive images with minimal code.