Critical vm2 sandbox bug lets attackers execute code on hosts

A critical vulnerability in the popular Node.js sandboxing library vm2 allows escaping the sandbox and executing arbitrary ...

Backdoored PyTorch Lightning package drops credential stealer

A malicious version of the PyTorch Lightning package published on the Python Package Index (PyPI) delivers a ...
The Hacker News

vm2 Node.js Library Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution

CVE-2026-44009 (CVSS score: 9.8) - A vulnerability that allows sandbox escape via a null proto exception and permits an ...
The Hacker News

⚡ Weekly Recap: AI-Powered Phishing, Android Spying Tool, Linux Exploit, GitHub RCE & More

Critical cPanel flaw under attack, Copy Fail Linux privilege escalation, TeamPCP supply chain campaign, GitHub RCE & major ...
Security Boulevard

12 Best Auth0 Alternatives for Passwordless Authentication in 2026

Compare 12 Auth0 alternatives for passwordless auth in 2026: pricing, key differentiators, and honest limitations from a security analyst." seo_keywords: "auth0 alternatives, passwordless ...
Security Boulevard

Are Magic Links Secure: A Technical Deep Dive Into Email Based Authentication

Are magic links secure? A security analyst breaks down token entropy, replay protection, expiry, device binding, and email compromise risks for MojoAuth users.

Security Patches news | The Register

Emergency patches out now for those managing the millions of domains assumed to be affected This CVSS 10.0 RCE vuln has been ...