SecurityWeek

Critical N8n Sandbox Escape Could Lead to Server Compromise

A critical n8n flaw could allow attackers to use crafted expressions in workflows to execute arbitrary commands on the host.
GitHub

A protobuf RPC framework for JavaScript and TypeScript

Twirp is a simple RPC framework built on protocol buffers. TwirpScript generates JavaScript or TypeScript clients and servers from .proto service specifications. The generated clients can be used in ...
GitHub

A simple way to serialize JavaScript objects into ArrayBuffers for high compression on the ...

Superbuffer makes it easy to serialize and deserialize data from ArrayBuffers matching the interfaces you define. Its Schema-Model API was inspired by typed-array-buffer-schema. Superbuffer was ...
The Hacker News

Critical vm2 Node.js Flaw Allows Sandbox Escape and Arbitrary Code Execution

A critical vm2 Node.js vulnerability (CVE-2026-22709, CVSS 9.8) allows sandbox escape via Promise handler bypass.
InfoQ

Google Releases Gemma 3 270M Variant Optimized for Function Calling on Mobile and Edge Devices

FunctionGemma is a new, lightweight version of the Gemma 3 270M model, fine-tuned to translate natural language into ...
InfoWorld

TypeScript levels up with type stripping

Say goodbye to source maps and compilation delays. By treating types as whitespace, modern runtimes are unlocking a “no-build” TypeScript that keeps stack traces accurate and workflows clean.
IEEE

FuncGrasp: Learning Object-Centric Neural Grasp Functions from Single Annotated Example Object

Abstract: We present FuncGrasp, a framework that can infer dense yet reliable grasp configurations for unseen objects using one annotated object and single-view RGB-D observation via categorical ...