The Hacker News

vm2 Node.js Library Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution

CVE-2026-44009 (CVSS score: 9.8) - A vulnerability that allows sandbox escape via a null proto exception and permits an ...
InfoWorld

13 new critical holes in JavaScript sandbox allow execution of arbitrary code

Thirteen critical vulnerabilities have been found in the vm2 JavaScript sandbox package that could allow an attacker’s code ...

Critical vm2 sandbox bug lets attackers execute code on hosts

A critical vulnerability in the popular Node.js sandboxing library vm2 allows escaping the sandbox and executing arbitrary ...
Visual Studio Magazine

Hands On with the New Agents Window in VS Code 1.120

VS Code 1.120 brings the Agents window to Stable preview, giving AI agent sessions and customizations a dedicated workspace.
InfoWorld

A better way to work with SQL Server

It’s time to switch to a new development tool for SQL Server and Azure SQL. Here’s how to get started with the MSSQL ...
SecurityWeek

Vulnerability in Claude Extension for Chrome Exposes AI Agent to Takeover

ClaudeBleed, a vulnerability in Claude in Chrome, allows malicious extensions to hijack the AI agent for nefarious purposes.

MongoDB announces platform enhancements for enterprise-ready AI production

The company announced the availability of MongoDB 8.3, building on previous generations of the database software with ...

Moderne Expands Agent Tools Platform with C# Support for Deterministic .NET Transformation

Moderne, the Agent Tools company for AI-driven software engineering, today announced C# language support across its platform, extending deterministic, large-scale code transformation to .NET codebases ...

'ClickFix' attack tricks users into hacking themselves, ACSC warns

ClickFix relies on tricking users into essentially hacking themselves by running commands that compromise their computers. In ...

9 Reasons Firefox Is Better (And Worse) Than Google Chrome

Chrome is the undisputed champion of the web browser game, and for good reason. Firefox competes by offering certain ...

Firefox maker torches Google for building Prompt API into browser

The Prompt API, as Google describes it, "gives web pages the ability to directly prompt a browser-provided language model." ...
How-To Geek on MSN

How to use Claude as a coding tutor that tracks my progress (prompt included)

I built a coding tutor that won't let me cheat my way through it. Here's the prompt.