The Hacker News

Critical vm2 Node.js Flaw Allows Sandbox Escape and Arbitrary Code Execution

A critical vm2 Node.js vulnerability (CVE-2026-22709, CVSS 9.8) allows sandbox escape via Promise handler bypass.
Nature

AI chatbots are infiltrating social-science surveys — and getting better at avoiding detection

A researcher has created a chatbot that is indistinguishable from human participants in online surveys. Some researchers fear ...