The Hacker News

vm2 Node.js Library Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution

CVE-2026-44009 (CVSS score: 9.8) - A vulnerability that allows sandbox escape via a null proto exception and permits an ...

Critical vm2 sandbox bug lets attackers execute code on hosts

A critical vulnerability in the popular Node.js sandboxing library vm2 allows escaping the sandbox and executing arbitrary ...

Online archives of over 20 years of tech reporting | The Register

Dive into The Register's online archive of incisive tech news reporting, features, and analysis dating back to 1998 ...

Hackers steal students’ data during breach at education tech giant Instructure

The data breach at education tech giant Instructure includes students' private data, according to a sample of the allegedly ...
SecurityWeek

Hacker Conversations: Joey Melo on Hacking AI

Joey Melo explains how he uses jailbreaking and data poisoning to manipulate AI guardrails and harden machine learning models ...

Trellix discloses data breach after source code repository hack

Cybersecurity firm Trellix disclosed a data breach after attackers gained access to "a portion" of its source code repository ...

Amber Kanwar’s Weekly Setup: What to watch out for in this week’s earnings bonanza

MCD-N is trading around a 10-month low ahead of its earnings report this week. Since the war in Iran began, the stock is down ...
Nation

How Kenyan girls are shaping the future of ICT

The 21-year-old is the Country Lead for Girls in Robotics Kenya Chapter and co-founder of Space Shift, mentorship roles she ...

Hackers accessed personal information for up to 70,000 people in Canada Life data breach

One of Canada’s largest life and health insurers says a recent data breach has exposed the personal information of up to 70,000 customers, with the majority of accounts hacked belonging to one large ...
eWeek

Claude Cheat Sheet: A Complete Guide to Anthropic’s AI

AI thrives on data but feeding it the right data is harder than it seems. As enterprises scale their AI initiatives, they face the challenge of managing diverse data pipelines, ensuring proximity to ...
VentureBeat

Hackers slipped a trojan into the code library behind most of the internet. Your team is probably affected

Attackers stole a long-lived npm access token belonging to the lead maintainer of axios, the most popular HTTP client library in JavaScript, and used it to publish two poisoned versions that install a ...