Critical vm2 sandbox bug lets attackers execute code on hosts

A critical vulnerability in the popular Node.js sandboxing library vm2 allows escaping the sandbox and executing arbitrary ...
InfoWorld

13 new critical holes in JavaScript sandbox allow execution of arbitrary code

Thirteen critical vulnerabilities have been found in the vm2 JavaScript sandbox package that could allow an attacker’s code ...
The Hacker News

vm2 Node.js Library Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution

CVE-2026-44009 (CVSS score: 9.8) - A vulnerability that allows sandbox escape via a null proto exception and permits an ...

Moderne Expands Agent Tools Platform with C# Support for Deterministic .NET Transformation

Moderne, the Agent Tools company for AI-driven software engineering, today announced C# language support across its platform, extending deterministic, large-scale code transformation to .NET codebases ...
SecurityWeek

Vulnerability in Claude Extension for Chrome Exposes AI Agent to Takeover

ClaudeBleed, a vulnerability in Claude in Chrome, allows malicious extensions to hijack the AI agent for nefarious purposes.
The Caledonian-Record

BitsStrategy Launches Powerful Fully Automated AI Trading Bot to Capture 24/7 Crypto Market ...

The cryptocurrency market never stops running. Bitcoin, Ethereum, Dogecoin, and other digital assets can move quickly overnight, on weekends, or when ...
InfoWorld

Supply-chain attacks take aim at your AI coding agents

A North Korean APT has crafted malicious software packages to appeal to AI coding agents, while ‘slopsquatting’ shows the ...

Paris St-Germain set up Arsenal final after knocking out Bayern

Reaction as Paris St-Germain beat Bayern Munich 6-5 on aggregate to set up Champions League final against Arsenal.
The Caledonian-Record

MoneyFlare Launches Powerful Fully Automated AI Trading Bot to Unlock New Opportunities in ...

Crypto and stock markets are becoming faster, more complex, and more data-driven. For everyday users, manually analyzing charts, judging entry opportunities, ...
Bitdefender

ClickFix Campaign Uses Compromised WordPress Sites to Spread Vidar Stealer in Australia

Cybercriminals are increasingly relying on social engineering instead of traditional exploits, and Australian authorities are ...

Pierre Poilievre encounters nothing but jerks, all day long

In his speech at the CSFN this week, Poilievre went all-in on the argument he’s now settled on: that he really won the ...

Kaltura Open-Sources Suite of AI Agent Skills, Enabling Any AI Agent to Build Intelligent Rich-Media Digital Experiences

(Nasdaq: KLTR), the Agentic Digital Experience company, today announced the open-source release of a suite of AI agent skills ...