Dark Reading

VoidStealer Malware Darts Past Google Chrome's Encryption

Authors of the VoidStealer Trojan uncovered a way to get around Google's App-Bound Encryption (ABE), opening the door to ...
The Hacker News

vm2 Node.js Library Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution

CVE-2026-44009 (CVSS score: 9.8) - A vulnerability that allows sandbox escape via a null proto exception and permits an ...

Critical vm2 sandbox bug lets attackers execute code on hosts

A critical vulnerability in the popular Node.js sandboxing library vm2 allows escaping the sandbox and executing arbitrary ...
CSO Online

13 new critical holes in JavaScript sandbox allow execution of arbitrary code

Thirteen critical vulnerabilities have been found in the vm2 JavaScript sandbox package that could allow an attacker’s code ...
The Hacker News

PyTorch Lightning and Intercom-client Hit in Supply Chain Attacks to Steal Credentials

Malicious Lightning 2.6.2/2.6.3 released April 30 enable credential theft via hidden payload, leading to PyPI quarantine and ...
InfoWorld

The best JavaScript certifications for getting hired

Earn these JavaScript certs to demonstrate mastery of the most in-demand skills for the world’s most-used programming ...

Minister faces calls from MPs to amend lawful access bill to prevent compromising encryption

Public Safety Minister Gary Anandasangaree faced calls from opposition MPs Tuesday to amend the federal government’s lawful ...

Official SAP npm packages compromised to steal credentials

Multiple official SAP npm packages were compromised in what is believed to be a TeamPCP supply-chain attack to steal ...
Unite.AI

1Password Review: Never Worry About Password Breaches Again

Be honest with me. How many of your passwords are still some version of your pet’s name followed by a number? Studies have shown that roughly 80% of data breaches involve weak or reused passwords.

Elite corporate lawyers accused of earning millions on insider trading, using bizarre code like, ‘How’s the rabbi?’

A ring of elite corporate lawyers were accused of illegally trading on inside info about blockbuster deals over a decade, ...

Lawful-access bill could threaten encryption, deter investment, Chamber of Commerce warns

Bill would require telecoms, internet companies to change systems to give surveillance, monitoring capabilities to ...
BGR

Are Encrypted USB Drives Actually Worth It?

As portable storage declines in favor of cloud services, the question of whether an encrypted USB drive is worth it has moved from convenience to security. Cloud storage, AirDrop, and messaging apps ...