A critical vulnerability in the popular Node.js sandboxing library vm2 allows escaping the sandbox and executing arbitrary ...

Thirteen critical vulnerabilities have been found in the vm2 JavaScript sandbox package that could allow an attacker’s code ...

Silver Fox spreads ABCDoor via 1,600 phishing emails in 2026 targeting India and Russia, enabling data theft and remote ...

ClickFix relies on tricking users into essentially hacking themselves by running commands that compromise their computers. In ...

UNC6692 relies on email bombing and social engineering to infect victims with Snow malware: Snowbelt, Snowglaze, and ...

In his final quarter at UChicago, fourth-year Ben Heim has been taking his own advice. As president of the International ...

Multiple SAP npm packages were compromised in a supply chain attack designed to steal developer credentials and tokens.

On April 27, 2026 fal launched developer and enterprise access to HappyHorse-1.0, the AI video model holding the #1 Elo ranking on the Artificial Analysis Video Arena in both Text-to-Video and ...

Claude Opus commit added malicious npm dependency in Feb 2026, enabling crypto theft and persistent RAT access.

Several sectors are implementing updated human verification systems to counter AI-generated content, cyberattacks, and online impersonation. Spotify launched a green checkmark to identify human ...

A zero-click exploit called DarkSword can silently compromise older iPhones through Safari with no user action. Devices on ...

The Offices of Guam Homeland Security and Civil Defense, in coordination with the Port Authority of Guam, will host two Incident Command System training sessions at the Port Authority’s training room ...