The Hacker News

Critical vm2 Node.js Flaw Allows Sandbox Escape and Arbitrary Code Execution

A critical vm2 Node.js vulnerability (CVE-2026-22709, CVSS 9.8) allows sandbox escape via Promise handler bypass.

New sandbox escape flaw exposes n8n instances to RCE attacks

Two vulnerabilities in the n8n workflow automation platform could allow attackers to fully compromise affected instances, access sensitive data, and execute arbitrary code on the underlying host.
Infosecurity Magazine

Critical and High Severity n8n Sandbox Flaws Allow RCE

Two critical security flaws in n8n have exposed sandboxing vulnerabilities, enabling remote code execution for attackers ...

'Good time for a reset' at Coventry

While things might be feeling nervy around Coventry City this week, their blip might have come at a perfect time, says EFL ...

Cubs agree to minor league contracts with outfielder Chas McCormick and reliever Trent Thornton

The Chicago Cubs have agreed to minor league contracts with outfielder Chas McCormick and reliever Trent Thornton that ...

Bilodeau scores 18, UCLA beats short-handed Oregon 73-57, extends Ducks' skid to 7 games

EUGENE, Ore. (AP) — Tyler Bilodeau had 18 points, Eric Daily Jr. had his second double-double this season, and UCLA beat short-handed Oregon 73-57 on Wednesday night to extend the Ducks' losing streak ...