Critical vm2 sandbox bug lets attackers execute code on hosts

A critical vulnerability in the popular Node.js sandboxing library vm2 allows escaping the sandbox and executing arbitrary ...
InfoWorld

13 new critical holes in JavaScript sandbox allow execution of arbitrary code

Thirteen critical vulnerabilities have been found in the vm2 JavaScript sandbox package that could allow an attacker’s code ...

Chicago software firm with growing Seattle-area presence names local exec as CEO

He joined the company about a year ago as chief operating officer.

8 things to know: Under Armour exec leaves to join footwear maker

Faidley's sister restaurant is finally opening, a Columbia wealth management firm is set to be acquired and more to know this ...
The Hacker News

vm2 Node.js Library Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution

CVE-2026-44009 (CVSS score: 9.8) - A vulnerability that allows sandbox escape via a null proto exception and permits an ...

Windows 11 still runs on code from the 1990s, Microsoft admits

Microsoft's Win32 API dates back to Windows 95, and a senior exec says nobody expected it to still be essential in 2026.

From XSS to RCE: How to hijack a DotNetNuke server via a single script injection

Over 750,000 websites require patching following discovery of DotNetNuke XSS vulnerability ...
The Hacker News

SAP-Related npm Packages Compromised in Credential-Stealing Supply Chain Attack

SAP npm packages poisoned on April 29, 2026 + AES-256-GCM encrypted credential theft + AI coding tools abused for spread.
SecurityWeek

SAP NPM Packages Targeted in Supply Chain Attack

Four SAP NPM packages compromised in the Mini Shai-Hulud supply chain attack trigger a Bun runtime to install an information ...

Adobe Issues Emergency Patch for Critical PDF Flaw Exploited For Months

Adobe patches a critical PDF flaw exploited for months, allowing attackers to bypass sandbox protections and deliver malware. Users urged to update now.
The Caledonian-Record

PU Prime Champions Global Excellence as Regional Sponsor of AFA with the Launch of “PU World ...

As the world prepares for the most anticipated sporting event on the planet, PU Prime, a leading global brokerage and ...
The Quad-City Times

DeWitt teen accused of sexual abuse of a 12-year-old girl

The 19-year-old was arrested Saturday and booked into the Clinton County Jail. He was released from the jail after posting a ...