Critical vm2 sandbox bug lets attackers execute code on hosts

A critical vulnerability in the popular Node.js sandboxing library vm2 allows escaping the sandbox and executing arbitrary ...
InfoWorld

13 new critical holes in JavaScript sandbox allow execution of arbitrary code

Thirteen critical vulnerabilities have been found in the vm2 JavaScript sandbox package that could allow an attacker’s code ...
The Hacker News

vm2 Node.js Library Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution

CVE-2026-44009 (CVSS score: 9.8) - A vulnerability that allows sandbox escape via a null proto exception and permits an ...

Windows 11 still runs on code from the 1990s, Microsoft admits

Microsoft's Win32 API dates back to Windows 95, and a senior exec says nobody expected it to still be essential in 2026.

Moderne Expands Agent Tools Platform with C# Support for Deterministic .NET Transformation

Moderne, the Agent Tools company for AI-driven software engineering, today announced C# language support across its platform, extending deterministic, large-scale code transformation to .NET codebases ...
The Caledonian-Record

Mercer and Syndio Join Forces to Close the Gap Between Compensation Strategy and Pay Decisions

As part of an ongoing collaboration, Mercer becomes an advisory option for Syndio’s enterprise clients, pairing leading workforce and compensation advisory expertise with the industry’s leading pay ...
SecurityWeek

Vulnerability in Claude Extension for Chrome Exposes AI Agent to Takeover

ClaudeBleed, a vulnerability in Claude in Chrome, allows malicious extensions to hijack the AI agent for nefarious purposes.
The Caledonian-Record

BitsStrategy Launches Powerful Fully Automated AI Trading Bot to Capture 24/7 Crypto Market ...

The cryptocurrency market never stops running. Bitcoin, Ethereum, Dogecoin, and other digital assets can move quickly overnight, on weekends, or when ...
InfoWorld

Supply-chain attacks take aim at your AI coding agents

A North Korean APT has crafted malicious software packages to appeal to AI coding agents, while ‘slopsquatting’ shows the ...

Paris St-Germain set up Arsenal final after knocking out Bayern

Reaction as Paris St-Germain beat Bayern Munich 6-5 on aggregate to set up Champions League final against Arsenal.
Bitdefender

ClickFix Campaign Uses Compromised WordPress Sites to Spread Vidar Stealer in Australia

Cybercriminals are increasingly relying on social engineering instead of traditional exploits, and Australian authorities are ...

PG&E helps Bay Area developer speed up attainable, all-electric homes

AlphaX is crediting improvements in PG&E’s new-business processes for the timely construction of 60 all-electric homes in ...