Critical vm2 sandbox bug lets attackers execute code on hosts

A critical vulnerability in the popular Node.js sandboxing library vm2 allows escaping the sandbox and executing arbitrary ...
InfoWorld

13 new critical holes in JavaScript sandbox allow execution of arbitrary code

Thirteen critical vulnerabilities have been found in the vm2 JavaScript sandbox package that could allow an attacker’s code ...
SecurityWeek

Vulnerability in Claude Extension for Chrome Exposes AI Agent to Takeover

ClaudeBleed, a vulnerability in Claude in Chrome, allows malicious extensions to hijack the AI agent for nefarious purposes.

OpenAI Codex can now work directly in Chrome on macOS and Windows

OpenAI is changing the way we interact with the web by bringing Codex directly into your browser. This new integration allows ...

AWS Rex Is a Big Step for Agentic AI Security, But Not the Final Layer

AWS Rex adds runtime guardrails for agentic AI, but security leaders still need data-layer controls to satisfy compliance and ...