InfoWorld

Beyond NPM: What you need to know about JSR

Here's how the JavaScript Registry evolves makes building, sharing, and using JavaScript packages simpler and more secure ...

JavaScript Sandbox vm2: Critical Vulnerability Allows Escape

The JavaScript sandbox vm2 for Node.js was actually discontinued. Now an update closes a critical security vulnerability.
The Hacker News

Critical vm2 Node.js Flaw Allows Sandbox Escape and Arbitrary Code Execution

A critical vm2 Node.js vulnerability (CVE-2026-22709, CVSS 9.8) allows sandbox escape via Promise handler bypass.

Critical sandbox escape flaw found in popular vm2 NodeJS library

A critical-severity vulnerability in the vm2 Node.js sandbox library, tracked as CVE-2026-22709, allows escaping the sandbox and executing arbitrary code on the underlying host system.
InfoQ

Google Releases Gemma 3 270M Variant Optimized for Function Calling on Mobile and Edge Devices

FunctionGemma is a new, lightweight version of the Gemma 3 270M model, fine-tuned to translate natural language into ...

Hispanic voters sent Trump back to power. Now some are souring

Data from the new CBS poll shows that a significant majority of Latinos - 61% - disapprove of Trump's handling of the economy ...
Phys.org

Fluid gears rotate without teeth, offering new mechanical flexibility

A team of New York University scientists has created a gear mechanism that relies on fluids to generate rotation. The invention holds potential for a new generation of mechanical devices that offer ...