Critical sandbox escape flaw discovered in popular vm2 NodeJS library

A critical-severity vulnerability in the vm2 Node.js sandbox library, tracked as CVE-2026-22709, allows escaping the sandbox and executing arbitrary code on the underlying host system.
InfoWorld

Unplugged holes in the npm and yarn package managers could let attackers bypass defenses against Shai-Hulud

A researcher at Koi Security says the two key platforms have not plugged the vulnerabilities enabling the worm attacks, and ...
Snopes.com

Project 2025 called for 're-hemisphering' in Latin America. Trump's actions in Venezuela went further

Page 184 of Project 2025 does use the word "re-hemisphering" when discussing Latin America. It uses the word in an economic context rather than a militaristic or interventionist context, with a goal ...