Thirteen critical vulnerabilities have been found in the vm2 JavaScript sandbox package that could allow an attacker’s code ...

A critical vulnerability in the popular Node.js sandboxing library vm2 allows escaping the sandbox and executing arbitrary ...

CVE-2026-44009 (CVSS score: 9.8) - A vulnerability that allows sandbox escape via a null proto exception and permits an ...

On Thursday, Microsoft shared mitigations for a high-severity Exchange Server vulnerability exploited in attacks that allow ...

Microsoft warned Exchange Server customers about critical OWA vulnerability CVE-2026-42897 affecting on-premises deployments.

Microsoft has disclosed a new security vulnerability impacting on-premise versions of Exchange Server that it said has come ...

A newly discovered zero-day vulnerability in Microsoft Exchange Server has experts declaring an emergency and urging CSOs to ...

On April 29, 2026, someone slipped malicious code into four widely used SAP software packages. Within days, the infection had ...

This vibe coding cheat sheet explains how plain-language prompts can build apps fast, plus the planning, testing, and ...

TanStack had 2FA, OIDC publishing, and Sigstore provenance on every release. The Mini Shai-Hulud worm published 84 malicious ...

Sure, AI agents such as Mythos can find security vulnerabilities in software, but the bigger question is whether they can ...

Microsoft says attackers compromised the mistralai PyPI package with malware that executed on import, while researchers link ...