Thirteen critical vulnerabilities have been found in the vm2 JavaScript sandbox package that could allow an attacker’s code ...

CVE-2026-44009 (CVSS score: 9.8) - A vulnerability that allows sandbox escape via a null proto exception and permits an ...

A critical vulnerability in the popular Node.js sandboxing library vm2 allows escaping the sandbox and executing arbitrary ...

Adobe patches a critical PDF flaw exploited for months, allowing attackers to bypass sandbox protections and deliver malware. Users urged to update now.

Mythos combined four separate low-severity bugs into a complete browser sandbox escape. Traditional scanners evaluate vulnerabilities in isolation. That assumption is now broken.

Anthropic's Mythos AI is being called powerful enough to uncover hidden cyber threats, but Mozilla's latest report shows how it can also help defend users. The company says Mythos Preview helped ...

Mythos’s ability to autonomously exploit flaws challenges the notion of ‘secure by default’.

If a website tells you to manually install a “Windows update” from a big blue download button, close that tab immediately. Malwarebytes has just spotted a fake Microsoft support website ...

As the way software is built fundamentally changes, Cloudflare introduces the infrastructure to power millions of autonomous, long-running agents ...

Anthropic's Mythos AI is being called powerful enough to uncover hidden cyber threats, but Mozilla's latest report shows how ...

There's a 15-year-old bug hiding in Firefox's element – one of the most boring tags in HTML. It survived over a decade of ...

The vm2 sandbox component of the open-source JavaScript runtime environment Node.js is vulnerable with certain settings.