The Hacker News

vm2 Node.js Library Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution

CVE-2026-44009 (CVSS score: 9.8) - A vulnerability that allows sandbox escape via a null proto exception and permits an ...

Critical vm2 sandbox bug lets attackers execute code on hosts

A critical vulnerability in the popular Node.js sandboxing library vm2 allows escaping the sandbox and executing arbitrary ...
InfoWorld

Supply-chain attacks take aim at your AI coding agents

A North Korean APT has crafted malicious software packages to appeal to AI coding agents, while ‘slopsquatting’ shows the ...
How-To Geek on MSN

How to use Claude as a coding tutor that tracks my progress (prompt included)

I built a coding tutor that won't let me cheat my way through it. Here's the prompt.

Real estate businesses get new opportunity to take bonus depreciation — but what’s the trade-off?

Last month, the IRS made a seemingly modest change that could translate into a significant tax advantage for many real estate ...
Morning Overview on MSN

Hackers poisoned the PyTorch Lightning AI package and it started stealing credentials the moment you imported it

A single line of Python code was all it took. Developers who ran import lightning after installing versions 2.6.2 or 2.6.3 of ...
Opinion
Database Trends and ApplicationsOpinion

Perforce Software Supports Rust Language in Perforce Static Analysis

Perforce Software, the modern DevOps Tech Stack for AI governance, announced support for Rust language in its 2026.1 release for Perforce Static Analysis solutions QAC and Klocwork.