Infosecurity Magazine

Pyodide Sandbox Escape Enables Remote Code Execution in Grist-Core

A critical sandbox escape vulnerability in Grist-Core has been disclosed that allows remote code execution (RCE) through a ...

AISLE Researchers Identify 12 New Security Vulnerabilities in OpenSSL Using AI-Driven Discovery

Vulnerabilities affect cryptographic software that is widely deployed across global infrastructure, enabling remote code ...
The Hacker News

China-Linked Hackers Have Used the PeckBirdy JavaScript C2 Framework Since 2023

Experts details PeckBirdy, a JavaScript C2 framework used since 2023 by China-aligned attackers to spread malware via fake ...
SecurityWeek

‘PackageGate’ Flaws Open JavaScript Ecosystem to Supply Chain Attacks

Vulnerabilities in the NPM, PNPM, VLT, and Bun package managers could lead to protection bypasses and arbitrary code ...
SecurityWeek

Chrome, Edge Extensions Caught Stealing ChatGPT Sessions

LayerX discovered 16 extensions in the Chrome Web Store and Microsoft Edge Add-ons marketplace that steal users’ ChatGPT ...

Viral AI assistant ‘Clawdbot’ risks leaking private messages, credentials

Cybersecurity researchers have raised red flags about a new artificial intelligence personal assistant called Clawdbot, ...
Le Lézard

Clariness and SubjectWell Merge to Form Global, Full-Service Patient Recruitment Platform

Clariness and SubjectWell announced their merger to form one of the largest global, full-service patient recruitment platforms, combining global scale, scientific rigor, and patient-first design to ...
Le Lézard

Dale Carnegie Report Finds Organizational Health Improving, but Gaps in Key Areas Persist

Dale Carnegie today released its inaugural State of Organizational Health Report, a global study designed to help leaders benchmark their company's health against global and regional trends. The ...

Critical sandbox escape flaw discovered in popular vm2 NodeJS library

A critical-severity vulnerability in the vm2 Node.js sandbox library, tracked as CVE-2026-22709, allows escaping the sandbox and executing arbitrary code on the underlying host system.