A critical vulnerability in the popular Node.js sandboxing library vm2 allows escaping the sandbox and executing arbitrary ...

CVE-2026-44009 (CVSS score: 9.8) - A vulnerability that allows sandbox escape via a null proto exception and permits an ...

Thirteen critical vulnerabilities have been found in the vm2 JavaScript sandbox package that could allow an attacker’s code ...

GitHub facades and Ethereum smart contracts power a March 2026 admin-targeted campaign, enabling resilient C2 rotation and ...

Team wins praise for adding 'disable all AI features' setting for devs who want a code editor to be only a code editor ...

PHP development is increasingly taking place outside the cloud. PHP 8.3 is mostly used. Windows is experiencing a comeback among operating systems.

In the first five months of 2026, security researchers have flagged more malicious packages on the npm registry than in all ...

A single line of Python code was all it took. Developers who ran import lightning after installing versions 2.6.2 or 2.6.3 of ...

There is no single version of your website. There never was, but in 2026, the gap between what a user in Tokyo sees and what ...

New research exposes how prompt injection in AI agent frameworks can lead to remote code execution. Learn how these ...

"You'll need a new app to open this windowsdefender link" appears when Windows cannot open the Windows Security app using the ...

This blog is now closed – our live coverage continues here We’re closing this file now but our live coverage continues on a new blog here, including a summary of the latest key developments. Thanks ...