A critical vm2 Node.js vulnerability (CVE-2026-22709, CVSS 9.8) allows sandbox escape via Promise handler bypass.

Researchers disclosed two n8n vulnerabilities that let authenticated users bypass JavaScript and Python sandboxes to run ...

Sandbox escape vulnerability in vm2, used by nearly 900 NPM packages, allows attackers to bypass security protections and ...

A critical-severity vulnerability in the vm2 Node.js sandbox library, tracked as CVE-2026-22709, allows escaping the sandbox and executing arbitrary code on the underlying host system.

Two vulnerabilities in the n8n workflow automation platform could allow attackers to fully compromise affected instances, ...

CVE-2025-8088, a WinRAR vulnerability patched in July 2025, has been widely exploited by state-sponsored threat actors and cybercriminals.

A high severity flaw in WinRAR allows crooks to execute malware remotely.

January 2026 was a wake-up month for enterprise security teams. In a single week, CERT-In released three high-severity ...

To exploit the vulnerability, an attacker would need either system access or be able to convince a user to open a malicious ...

Two critical security flaws in n8n have exposed sandboxing vulnerabilities, enabling remote code execution for attackers ...

Russians, Chinese spies, run-of-the-mill crims … Come one, come all. Everyone from Russian and Chinese government goons to ...

The critical-rated flaw leaves unpatched systems open to full takeover Cisco has finally shipped a fix for a critical-rated ...