Critical sandbox escape flaw discovered in popular vm2 NodeJS library

A critical-severity vulnerability in the vm2 Node.js sandbox library, tracked as CVE-2026-22709, allows escaping the sandbox and executing arbitrary code on the underlying host system.

Hackers can bypass npm’s Shai-Hulud defenses via Git dependencies

Koi security researchers found that when NPM installs a dependency from a Git repository, configuration files such as a ...
InfoWorld

16 open source projects transforming AI and machine learning

From fine-tuning open source models to building agentic frameworks on top of them, the open source world is ripe with ...
InfoWorld

Unplugged holes in the npm and yarn package managers could let attackers bypass defenses against Shai-Hulud

A researcher at Koi Security says the two key platforms have not plugged the vulnerabilities enabling the worm attacks, and ...

I used one simple script to remove AI from popular browsers (including Chrome and Firefox)

Chrome, Edge, and Firefox are full of bloatware, with AI among the features most of us don't want. This free tool is your ticket back to the good old days.

Heroic former PC Gamer writer creates a script to banish all the AI features from Google Chrome

Wes has been covering games and hardware for more than 10 years, first at tech sites like The Wirecutter and Tested before joining the PC Gamer team in 2014. Wes plays a little bit of everything, but ...
Dark Reading

'Contagious Interview' Attack Now Delivers Backdoor Via VS Code

Once trust is granted to the repository's author, a malicious app executes arbitrary commands on the victim's system with no ...
The Atlantic

The Plan That Foretold Trump’s 2025

This is an edition of The Atlantic Daily, a newsletter that guides you through the biggest stories of the day, helps you discover new ideas, and recommends the best in culture. Sign up for it here. A ...
PBS

Tracking how much of Project 2025 the Trump administration achieved this year

This story was originally published by The 19th. In the months leading up to his election, President Donald Trump insisted that he had nothing to do with the far-right vision for his second ...
Newsweek

Project 2025 Tracker Hits Major Milestone

An online tracker that measures the extent to which Project 2025 has been implemented by the government has hit a 50 per cent milestone. According to a website created by two Reddit users, titled ...
Wall Street Journal

U.S. Pitches ‘Project Sunrise’ Plan to Turn Gaza Into High-Tech Metropolis

WASHINGTON—Beachside luxury resorts. High-speed rail. AI-optimized smart grids. Welcome to “Project Sunrise,” the Trump administration’s pitch to foreign governments and investors to turn Gaza’s ...
Reuters

Exclusive: How China built its ‘Manhattan Project’ to rival the West in AI chips

SINGAPORE, Dec 17 (Reuters) - In a high-security Shenzhen laboratory, Chinese scientists have built what Washington has spent years trying to prevent: a prototype of a machine capable of producing the ...