Critical vm2 sandbox bug lets attackers execute code on hosts

A critical vulnerability in the popular Node.js sandboxing library vm2 allows escaping the sandbox and executing arbitrary ...
The Hacker News

vm2 Node.js Library Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution

CVE-2026-44009 (CVSS score: 9.8) - A vulnerability that allows sandbox escape via a null proto exception and permits an ...

From XSS to RCE: How to hijack a DotNetNuke server via a single script injection

Over 750,000 websites require patching following discovery of DotNetNuke XSS vulnerability ...
SecurityWeek

Vulnerability in Claude Extension for Chrome Exposes AI Agent to Takeover

ClaudeBleed, a vulnerability in Claude in Chrome, allows malicious extensions to hijack the AI agent for nefarious purposes.
How-To Geek on MSN

How to use Claude as a coding tutor that tracks my progress (prompt included)

I built a coding tutor that won't let me cheat my way through it. Here's the prompt.
The Register-Herald

Why five first-time W.Va. candidates decided to run for office

In the May primary election, West Virginia voters will find many familiar names on the ballot, including incumbents looking ...
InfoWorld

Building AI apps and agents with Microsoft Foundry

Microsoft’s Azure-based AI development and deployment platform shines with a strong selection of models and agent types and ...
The Register-Herald

Boys prep soccer: Woodrow Wilson keeper Doss going to Concord

Defense was a big part of Woodrow Wilson’s run to a state championship in 2024 and state runner-up finish last fall. And, of ...

What Happens in the First 24 Hours After a New Asset Goes Live

When a new asset goes live, attackers start scanning within minutes. Sprocket Security shows how automated attacks move from ...
The Hacker News

EtherRAT Distribution Spoofing Administrative Tools via GitHub Facades

GitHub facades and Ethereum smart contracts power a March 2026 admin-targeted campaign, enabling resilient C2 rotation and ...