SecurityWeek

‘PackageGate’ Flaws Open JavaScript Ecosystem to Supply Chain Attacks

Vulnerabilities in the NPM, PNPM, VLT, and Bun package managers could lead to protection bypasses and arbitrary code ...
CSO Online

Critical RCE bugs expose the n8n automation platform to host‑level compromise

A JavaScript sandbox bug rated CVSS 9.9 enables attackers to bypass AST‑based protections, while a Python execution bypass ...
CSO Online

Critical bug in popular vm2 Node.js sandboxing library puts projects at risk

Sandbox escape vulnerability in vm2, used by nearly 900 NPM packages, allows attackers to bypass security protections and ...
National Geographic news

10 night sky events to see in January, from Jupiter’s closest approach to peak Orion views

January doesn’t skimp on cosmic sightseeing. The month begins with a vibrant supermoon, continues with the year’s best Jupiter view, and ends with multiple moon-planet conjunctions. Aurora activity ...
GameSpot

Pokemon Go January 2026 Events: Raid Bosses, Spotlight Hours, Community Day, And More

GameSpot may get a commission from retail offers. Pokemon Go's Precious Paths season rolls on with a variety of events in January. In addition to a new assortment of Raid bosses and Spotlight Hours, ...