CSO Online

Critical bug in popular vm2 Node.js sandboxing library puts projects at risk

Sandbox escape vulnerability in vm2, used by nearly 900 NPM packages, allows attackers to bypass security protections and ...
GitHub

LockLLM JavaScript/TypeScript SDK

LockLLM is a state-of-the-art AI security ecosystem that detects prompt injection, hidden instructions, and data exfiltration attempts in real-time. Built for production LLM applications and AI agents ...
GitHub

hilaliu/halo-theme-obsidian

I am working on a brand new theme called Aurora, therefore this theme currently is not actively maintained. If you are from my blog website, the theme displayed there is the new theme.
The Hacker News

Researchers Uncover NodeCordRAT Hidden in npm Bitcoin-Themed Packages

Cybersecurity researchers have discovered three malicious npm packages that are designed to deliver a previously undocumented malware called NodeCordRAT. The names of the packages, all of which were ...