The vm2 sandbox component of the open-source JavaScript runtime environment Node.js is vulnerable with certain settings.

CVE-2026-44009 (CVSS score: 9.8) - A vulnerability that allows sandbox escape via a null proto exception and permits an ...

Mythos’s ability to autonomously exploit flaws challenges the notion of ‘secure by default’. , Technology & Science, Times ...

Several popular Roblox sandbox and simulation titles have rolled out new redeemable codes offering in-game boosts, while live player rankings highlight top-trending creative worlds. Games like Bee ...

Thirteen critical vulnerabilities have been found in the vm2 JavaScript sandbox package that could allow an attacker’s code ...

A critical vulnerability in the popular Node.js sandboxing library vm2 allows escaping the sandbox and executing arbitrary ...

Emergency patches out now for those managing the millions of domains assumed to be affected This CVSS 10.0 RCE vuln has been ...

A North Korean APT has crafted malicious software packages to appeal to AI coding agents, while ‘slopsquatting’ shows the ...

Critical cPanel flaw under attack, Copy Fail Linux privilege escalation, TeamPCP supply chain campaign, GitHub RCE & major ...

VectorCertain LLC today announced new validation results demonstrating that its SecureAgent platform successfully detected ...

Mythos combined four separate low-severity bugs into a complete browser sandbox escape. Traditional scanners evaluate vulnerabilities in isolation. That assumption is now broken.

Every IT professional has sat through a vendor presentation where an incremental software update is pitched as a civilization-altering event. In late March 2026, the artificial intelligence industry ...