Arabian Post

SAP developers face npm supply shock

Malicious code inserted into four SAP-related npm packages exposed developer workstations and automated build systems to credential theft, marking a sharp escalation in attacks against open-source ...

Google stopped a zero-day hack that it says was developed with AI

Google researchers found evidence in the exploit’s code that it may have been created using AI, like a “hallucinated” CVSS ...
CSO Online

13 new critical holes in JavaScript sandbox allow execution of arbitrary code

Thirteen critical vulnerabilities have been found in the vm2 JavaScript sandbox package that could allow an attacker’s code ...
The Hacker News

vm2 Node.js Library Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution

CVE-2026-44009 (CVSS score: 9.8) - A vulnerability that allows sandbox escape via a null proto exception and permits an ...

Critical vm2 sandbox bug lets attackers execute code on hosts

A critical vulnerability in the popular Node.js sandboxing library vm2 allows escaping the sandbox and executing arbitrary ...
The Hacker News

⚡ Weekly Recap: Linux Rootkit, macOS Crypto Stealer, WebSocket Skimmers and More

Weekly cybersecurity recap covering zero-days, malware, phishing, supply chain attacks, cloud threats, AI security risks, and ...

Canvas hack strands university students during finals week

Students attempting to access grades, study materials and quizzes were met instead with a message from a hacking group on ...

The Canvas Hack Is a New Kind of Ransomware Debacle

Thousands of schools around the US were paralyzed on Thursday after education tech firm Instructure shut down access to its ...

Hackers deface school login pages after claiming another Instructure hack

The cybercrime group ShinyHunters claimed to have hacked Instructure again, defacing the login pages of several Instructure ...
SecurityWeek

Claude Code OAuth Tokens Can Be Stolen Through Stealthy MCP Hijacking

Claude Code vulnerability allows attackers to intercept OAuth tokens, enabling access to connected SaaS platforms and ...

University of Toronto among Canadian schools targeted in widespread cyberattack on Canvas system

The University of Toronto, the University of British Columbia and the University of Alberta are among the largest Canadian schools affected by a hack that potentially touched more than 8,000 ...
PCGamesN

Fisch codes May 2026

May 9, 2026: Today's your last chance to redeem the last new Fisch code from the Takeover event. What are the new Fisch codes? Promising the pinnacle of exploration and progression on Roblox, Fisch ...