Critical sandbox escape flaw found in popular vm2 NodeJS library

A critical-severity vulnerability in the vm2 Node.js sandbox library, tracked as CVE-2026-22709, allows escaping the sandbox and executing arbitrary code on the underlying host system.

Inside SearchGuard: How Google detects bots and what the SerpAPI lawsuit reveals

We fully decrypted SearchGuard, the anti-bot system protecting Google Search. Here's exactly how Google tells humans and bots apart.
GitHub

Modern JavaScript runtime in Python

Note: jsrun is under development. Expect breaking changes between minor versions. One of the most compelling use cases for jsrun is building safe execution environments for AI agents. When LLMs ...
IEEE

Study of JavaScript Static Analysis Tools for Vulnerability Detection in Node.js Packages

Abstract: With the emergence of the Node.js ecosystem, JavaScript has become a widely used programming language for implementing server-side web applications. In this article, we present the first ...