InfoWorld

Jailed JavaScript library runs untrusted code safely in browsers, Node.js

Jailed uses native JavaScript functions to run other libraries in a sandboxed environment, which could be the route to safer plugins and better automated testing of code A recently revised JavaScript ...
Bleeping Computer

Critical vm2 sandbox bug lets attackers execute code on hosts

A critical vulnerability in the popular Node.js sandboxing library vm2 allows escaping the sandbox and executing arbitrary code on the host system. The security issue is tracked as CVE-2026-26956 and ...
InfoWorld

Node.js 18 updates OpenSSL support, enables fetch API

Experimental global fetch API that simplifies writing cross-platform HTTP request code is available by default in the latest version of the popular JavaScript runtime. Node.js 18, the latest version ...