InfoQ

Java News Roundup: Jakarta EE 12, Spring Shell, Open Liberty, Quarkus, Tomcat, JHipster, Gradle

This week's Java roundup for January 26th, 2026, features news highlighting: an update on milestone and GA release schedule ...

Hackers hijack exposed LLM endpoints in Bizarre Bazaar operation

A malicious campaign is actively targeting exposed LLM (Large Language Model) service endpoints to commercialize unauthorized ...

Critical sandbox escape flaw found in popular vm2 NodeJS library

A critical-severity vulnerability in the vm2 Node.js sandbox library, tracked as CVE-2026-22709, allows escaping the sandbox and executing arbitrary code on the underlying host system.