CVE-2026-44009 (CVSS score: 9.8) - A vulnerability that allows sandbox escape via a null proto exception and permits an ...

A critical vulnerability in the popular Node.js sandboxing library vm2 allows escaping the sandbox and executing arbitrary ...

As Southeast Asia emerges as a crucial region for Web3 user growth and the deployment of on-chain applications, market demand ...

CLI-Anything generates SKILL.md files that AI agents trust and execute. Snyk found 13.4% of agent skills contain critical ...

KelpDAO is migrating its rsETH token from LayerZero’s OFT standard to Chainlink’s CCIP after an April exploit drained $292 million. The project released evidence showing LayerZero approved the ...

AI search is a multiplicative system where one weak signal limits results. Diagnose bottlenecks, prioritize fixes, and ...

Several npm packages for SAP's cloud application development ecosystem have been compromised as TeamPCP's supply chain ...

Home » Security Bloggers Network » Shai-Hulud Strikes SAP: Supply Chain Worm Weaponized Claude Code to Compromise the CAP Framework The post Shai-Hulud Strikes SAP: Supply Chain Worm Weaponized Claude ...

Mythos combined four separate low-severity bugs into a complete browser sandbox escape. Traditional scanners evaluate vulnerabilities in isolation. That assumption is now broken.

Security teams are grappling with a major supply chain attack on Axios, a popular JavaScript library with over 100 million weekly downloads. The North Korean state actor Sapphire Sleet compromised the ...

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible code, a technique that’s flummoxing traditional defenses designed to ...

NEW YORK, March 9 (Reuters) - Anthropic on Monday filed a lawsuit to block the Pentagon from placing it on a national security blacklist, escalating the artificial intelligence lab’s high-stakes ...