Critical sandbox escape flaw found in popular vm2 NodeJS library

A critical-severity vulnerability in the vm2 Node.js sandbox library, tracked as CVE-2026-22709, allows escaping the sandbox and executing arbitrary code on the underlying host system.

Flexxbotics Expands OPC UA Transformer Capabilities in Open-Source GitHub Project

The updated OPC UA transformer connector driver is available now as part of the Transformers open-source repository.

Hackers can bypass npm’s Shai-Hulud defenses via Git dependencies

Koi security researchers found that when NPM installs a dependency from a Git repository, configuration files such as a ...
Hackaday

The CURL Project Drops Bug Bounties Due To AI Slop

Over the past years, the author of the cURL project, [Daniel Stenberg], has repeatedly complained about the increasingly poor ...
InfoWorld

16 open source projects transforming AI and machine learning

From fine-tuning open source models to building agentic frameworks on top of them, the open source world is ripe with ...
TechAnnouncer

Find the Best LeetCode Solution on GitHub: A Comprehensive Guide

Many developers share their LeetCode solutions on GitHub. Look for repositories that are well-organized by topic or problem number, have clear explanations, and show good code quality. Some popular ...