The Hacker News

Critical vm2 Node.js Flaw Allows Sandbox Escape and Arbitrary Code Execution

A critical vm2 Node.js vulnerability (CVE-2026-22709, CVSS 9.8) allows sandbox escape via Promise handler bypass.
AARP

Medicare Names 15 New Drugs for Third Round of Cost-Cutting Price Negotiations

Lower prices from the third round of talks among Medicare and manufacturers will be announced in the fall but won’t go into ...