Hackers are targeting developers by exploiting the critical vulnerability CVE-2025-11953 in the Metro server for React Native ...

In two separate campaigns, attackers used the JScript C2 framework to target Chinese gambling websites and Asian government ...

Sandbox escape vulnerability in vm2, used by nearly 900 NPM packages, allows attackers to bypass security protections and ...

FBI agents are executing a search warrant at the Fulton County elections office near Atlanta. An agency spokesperson confirmed the action on Wednesday. The search is taking place at the ...

A critical-severity vulnerability in the vm2 Node.js sandbox library, tracked as CVE-2026-22709, allows escaping the sandbox and executing arbitrary code on the underlying host system.

A critical Grist-Core flaw (CVE-2026-24002, CVSS 9.1) allows remote code execution through malicious formulas when Pyodide ...

Experts details PeckBirdy, a JavaScript C2 framework used since 2023 by China-aligned attackers to spread malware via fake ...

North Korean hackers target macOS developers with malware hidden in Visual Studio Code task configuration files.

Threat actors behind the campaign are abusing Microsoft Visual Studio Code’s trusted workflows to execute and persist ...

An advisory was issued for a WordPress plugin vulnerability that can enable unauthenticated attackers to inject malicious ...