RenderATL 2026 to Host OpenJS Summit: Spotlighting the Future of JavaScript

Additional details for RenderATL 2026 and the OpenJS Summit, including programming themes and speaker participation, will be announced in the coming months. For more information about RenderATL, ...

ReversingLabs 2026 Software Supply Chain Security Report Identifies 73% Increase in Malicious Open-Source Packages

According to the firm’s latest supply chain security report, there was a 73% increase in detections of malicious open-source packages in 2025. The past year also saw a huge jump in the scope of ...

Critical sandbox escape flaw discovered in popular vm2 NodeJS library

A critical-severity vulnerability in the vm2 Node.js sandbox library, tracked as CVE-2026-22709, allows escaping the sandbox and executing arbitrary code on the underlying host system.
The Hacker News

Critical Grist-Core Vulnerability Allows RCE Attacks via Spreadsheet Formulas

A critical Grist-Core flaw (CVE-2026-24002, CVSS 9.1) allows remote code execution through malicious formulas when Pyodide ...
InfoWorld

16 open source projects transforming AI and machine learning

From fine-tuning open source models to building agentic frameworks on top of them, the open source world is ripe with ...

Jamf has a warning for macOS vibe coders

Just yesterday, we noted the growing threat of ransomware. Now, Jamf Threat Labs is warning that North Korean threat actors ...
SecurityWeek

North Korean Hackers Target macOS Developers via Malicious VS Code Projects

North Korean hackers target macOS developers with malware hidden in Visual Studio Code task configuration files.
InfoWorld

Back to the future: The most popular JavaScript stories and themes of 2025

Artificial intelligence and its promise to revolutionize programming—and possibly overthrow human sovereignty—is a central story of the post-Covid world. But for JavaScript developers, it is only one ...