The Hacker News

vm2 Node.js Library Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution

CVE-2026-44009 (CVSS score: 9.8) - A vulnerability that allows sandbox escape via a null proto exception and permits an ...
InfoWorld

13 new critical holes in JavaScript sandbox allow execution of arbitrary code

Thirteen critical vulnerabilities have been found in the vm2 JavaScript sandbox package that could allow an attacker’s code ...

Critical vm2 sandbox bug lets attackers execute code on hosts

A critical vulnerability in the popular Node.js sandboxing library vm2 allows escaping the sandbox and executing arbitrary ...
Dark Reading

Yet Another Way to Bypass Google Chrome's Encryption Protection

Authors of the VoidStealer Trojan uncovered a way to get around Google's App-Bound Encryption (ABE), opening the door to ...

How Bailey’s Law and Bill C-16 target intimate partner violence and avoid overlap

Bill C-16’s efforts “are not in conflict” with Bailey’s Law, as the latter is “a targeted bill focused on intimate partner ...

The Browser Is Breaking Your DLP: How Data Slips Past Modern Controls

Your security controls aren't failing, they're missing where most of today's work actually happens. Keep Aware shows how ...
Microsoft

Breaking the code: Multi-stage ‘code of conduct’ phishing campaign leads to AiTM token compromise

Microsoft Defender Research observed a large-scale credential theft campaign that exemplifies this trend, using code of ...

This critical Linux vulnerability is putting millions of systems at risk - how to protect yours

CVE-2026-31431, also known as Copy Fail, is a critical Linux kernel vulnerability that's been hiding out since 2017 and is ...

You might have fallen for this CAPTCHA scam without realizing — here's what to do now

Security experts reveal how easy it is to get fooled by this scam and what to do if you think you've been targeted.
Dentistry

How a dental membership plan is supporting Welsh practices under the new NHS dental contract

Louise Anderson explains how a dental membership plan is helping practices find stability during NHS contract reform in Wales ...
moneycontrol.com

New labour codes may raise PF contributions, but companies can use smart salary structuring to protect take-home pay

Did our AI summary help? The new labour code says your 'wages' should include most parts of your salary, like basic pay and dearness allowance. Some parts, such as House Rent Allowance (HRA), bonuses, ...
SecurityWeek

UNC6692 Uses Email Bombing, Social Engineering to Deploy ‘Snow’ Malware

UNC6692 relies on email bombing and social engineering to infect victims with Snow malware: Snowbelt, Snowglaze, and ...