InfoWorld

13 new critical holes in JavaScript sandbox allow execution of arbitrary code

Thirteen critical vulnerabilities have been found in the vm2 JavaScript sandbox package that could allow an attacker’s code ...

Instructure reaches 'agreement' with ShinyHunters to stop data leak

Instructure, the edtech giant behind the widely popular Canvas learning management system (LMS), has reached an "agreement" ...

Google Chrome security flaw: Government flags bugs found in recent version; here's what you need to know and do

CERT-In flags multiple vulnerabilities in Google Chrome that could allow remote code execution and data theft, urging users to update the browser immediately.
The Hacker News

vm2 Node.js Library Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution

CVE-2026-44009 (CVSS score: 9.8) - A vulnerability that allows sandbox escape via a null proto exception and permits an ...

Backdoored PyTorch Lightning package drops credential stealer

A malicious version of the PyTorch Lightning package published on the Python Package Index (PyPI) delivers a ...
The Hacker News

PyTorch Lightning and Intercom-client Hit in Supply Chain Attacks to Steal Credentials

Malicious Lightning 2.6.2/2.6.3 released April 30 enable credential theft via hidden payload, leading to PyPI quarantine and ...
The Herald Bulletin

Las Vegas heads to Los Angeles for conference matchup

Los Angeles hosts Las Vegas in a matchup of Western Conference teams. The teams meet Sunday for the first time this season.
SecurityWeek

TanStack, Mistral AI, UiPath Hit in Fresh Supply Chain Attack

Over 170 TanStack, Mistral AI, OpenSearch, UiPath, and other packages were affected in a new Mini Shai-Hulud supply chain ...

Google’s Mueller On Why AI-Built Websites Miss SEO Basics

AI tools can build websites fast, but Mueller says they won't set up your canonicals, sitemaps, or robots.txt unless you tell ...

Apple Releases Safari Technology Preview 243 With Bug Fixes and Performance Improvements

Apple today released a new update for Safari Technology Preview, the experimental browser that was first introduced in March ...

Québécois dubbing of The Simpsons to continue after fan protest

The version of The Simpsons dubbed in Québécois French has been saved after Bell Media reached a deal with Disney ...