Ars Technica

Who put this JavaScript in my COBOL? Node.cobol, that’s who

Last August, we told you about a project posted on GitHub by Romanian software developer Bizău Ionică that makes it possible for snips of legacy COBOL code to run within the JavaScript code of the ...
The Hacker News

Critical vm2 Node.js Flaw Allows Sandbox Escape and Arbitrary Code Execution

A critical vm2 Node.js vulnerability (CVE-2026-22709, CVSS 9.8) allows sandbox escape via Promise handler bypass.
adtmag.com

New in Node.js: Certified Modules, Free Orgs Collaboration Tool

New developments in the popular Node.js ecosystem include curated Certified Modules from NodeSource and a free version of the Orgs collaboration tool from npm Inc. Node.js is an open source, ...