The Hacker News

vm2 Node.js Library Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution

CVE-2026-44009 (CVSS score: 9.8) - A vulnerability that allows sandbox escape via a null proto exception and permits an ...

Critical vm2 sandbox bug lets attackers execute code on hosts

A critical vulnerability in the popular Node.js sandboxing library vm2 allows escaping the sandbox and executing arbitrary ...

Backdoored PyTorch Lightning package drops credential stealer

A malicious version of the PyTorch Lightning package published on the Python Package Index (PyPI) delivers a ...

60,000 WordPress sites at risk due to plugin security flaw

Hackers can now take over WordPress sites instantly using a simple plugin flaw ...