Critical vm2 sandbox bug lets attackers execute code on hosts

A critical vulnerability in the popular Node.js sandboxing library vm2 allows escaping the sandbox and executing arbitrary ...
The Hacker News

vm2 Node.js Library Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution

CVE-2026-44009 (CVSS score: 9.8) - A vulnerability that allows sandbox escape via a null proto exception and permits an ...
InfoWorld

13 new critical holes in JavaScript sandbox allow execution of arbitrary code

Thirteen critical vulnerabilities have been found in the vm2 JavaScript sandbox package that could allow an attacker’s code ...

Anthropic response to 1-click pwn: Shouldn't have clicked 'ok'

The TrustFall proof-of-concept attack demonstrates how a cloned code repository can include two JSON files (.mcp.json and ...

Bun posts Rust porting guide, says rewrite is still half-baked

Bun creator Jarred Sumner has posted a Zig-to-Rust porting guide, igniting speculation that the project may migrate away from ...

Homebridge 2.0 is here, and it speaks Matter

Today, May 4th, Homebridge 2.0, which has been in beta for over three years, officially launches. Along with other ...
EE World Online

OpenClaw is open-source edge AI for (almost) every application

OpenClaw is being touted as the “operating system for personal AI.” It’s being supported by a wide array of companies, ...

Bridge more Apple Home & Matter devices with Homebridge 2.0

After years in beta, Homebridge 2.0 brings support for even more devices to Apple Home, as well as other Matter platforms.
Cult of Mac

Homebridge 2.0 lets more smart devices work with Apple Home

Now that open-source Homebridge 2.0 adds Matter support, longtime fans and new users can expand devices they use with Apple's ...
How-To Geek on MSN

How to use Claude as a coding tutor that tracks my progress (prompt included)

I built a coding tutor that won't let me cheat my way through it. Here's the prompt.
Morning Overview on MSN

Malicious open-source packages have surged 73% in 2026 as attackers poison the software supply chain

In March 2026, someone hijacked a maintainer account for Axios, a JavaScript HTTP library downloaded more than 45 million ...
TMCnet

Confidential Computing Summit 2026 Schedule Showcases Next Era of AI Sovereignty

The Linux Foundation and OPAQUE announced the schedule for Confidential Computing Summit 2026, which will be held in San Francisco, California, on June 23-24, 2026.