The Hacker News

vm2 Node.js Library Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution

CVE-2026-44009 (CVSS score: 9.8) - A vulnerability that allows sandbox escape via a null proto exception and permits an ...

Critical vm2 sandbox bug lets attackers execute code on hosts

A critical vulnerability in the popular Node.js sandboxing library vm2 allows escaping the sandbox and executing arbitrary ...

Online archives of over 20 years of tech reporting | The Register

Dive into The Register's online archive of incisive tech news reporting, features, and analysis dating back to 1998 ...

Trellix discloses data breach after source code repository hack

Cybersecurity firm Trellix disclosed a data breach after attackers gained access to "a portion" of its source code repository ...
Pro Game Guides

Roblox Don’t Get Caught For Hackers Codes (May 2026)

Updated: May 4, 2026 New codes like ILuvHackers, and SHANCIPEE are now available in our list below! Grab, run, and don't get ...

Claude Code, Copilot and Codex all got hacked. Every attacker went for the credential, not the model.

Six teams exploited Claude Code, Copilot, Codex, and Vertex AI in nine months. Every attack hit runtime credentials that IAM ...
HealthcareInfoSecurity

Socket Buys Secure Annex to Expand Supply-Chain Visibility

Socket’s acquisition of Secure Annex extends software supply-chain security beyond open-source dependencies into browser and ...
SecurityWeek

Bitwarden NPM Package Hit in Supply Chain Attack

The Bitwarden CLI NPM package compromise is tied to a Checkmarx supply chain attack and references the Shai-Hulud worm.
Nation

How Kenyan girls are shaping the future of ICT

The 21-year-old is the Country Lead for Girls in Robotics Kenya Chapter and co-founder of Space Shift, mentorship roles she ...

Hackers accessed personal information for up to 70,000 people in Canada Life data breach

One of Canada’s largest life and health insurers says a recent data breach has exposed the personal information of up to 70,000 customers, with the majority of accounts hacked belonging to one large ...
eWeek

Claude Cheat Sheet: A Complete Guide to Anthropic’s AI

AI thrives on data but feeding it the right data is harder than it seems. As enterprises scale their AI initiatives, they face the challenge of managing diverse data pipelines, ensuring proximity to ...
VentureBeat

Hackers slipped a trojan into the code library behind most of the internet. Your team is probably affected

Attackers stole a long-lived npm access token belonging to the lead maintainer of axios, the most popular HTTP client library in JavaScript, and used it to publish two poisoned versions that install a ...