Thirteen critical vulnerabilities have been found in the vm2 JavaScript sandbox package that could allow an attacker’s code ...
CVE-2026-44009 (CVSS score: 9.8) - A vulnerability that allows sandbox escape via a null proto exception and permits an ...
A critical vulnerability in the popular Node.js sandboxing library vm2 allows escaping the sandbox and executing arbitrary ...
If you are building a simple dashboard or a form-based application, the traditional JSON API (REST or GraphQL) approach is ...
BrowserAct Open-Sources Two AI Skills That Let Agents Actually Use the Web - Including One That Builds New Skills on Its Own ...
OpenAI reported no user data compromise after a supply-chain attack targeting the TanStack npm library, part of the broader ...
Researchers say the campaign uses a browser-based JavaScript VM to hide credential theft and intercept MFA at scale.
OpenAI said it found no evidence that user data was accessed after a supply-chain attack involving the TanStack npm library.
OpenAI confirmed on Wednesday that it found no evidence suggesting user data was compromised following a security incident ...
CVE-2026-41940 exploitation by 2,000 IPs enabled Filemanager backdoor attacks, causing credential theft and persistent access ...
Hundreds of npm packages infected by the self-propagating, credential-stealing worm from TeamPCP are related to the open ...
Microsoft Threat Intelligence said attackers placed malicious code inside a Mistral AI download distributed through a Python ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results