vm2 is a JavaScript sandbox for Node.js. Its development was actually discontinued in 2023. Another security vulnerability has been discovered in the software, allowing an escape from the secured ...

Microsoft has released emergency out-of-band security updates to patch a high-severity Microsoft Office zero-day vulnerability exploited in attacks. The security feature bypass vulnerability, tracked ...

CISA confirmed on Wednesday that ransomware gangs have begun exploiting a high-severity VMware ESXi sandbox escape vulnerability that was used in zero-day attacks since at least February 2024.

This application serves as a webhook receiver for GitHub repositories. When configured as a webhook endpoint in a GitHub repository, it: webhook-repo/ ├── app/ # Main application package │ ├── __init_ ...

webhook-proxy/ ├── packages/ │ ├── core/ # 核心服务 (@webhook-proxy/core) │ │ ├── src/ │ │ │ ├── adapters/ # 平台适配器 ...

A total of 12 vulnerabilities have been fixed in OpenSSL, all discovered by a single cybersecurity firm. All 12 vulnerabilities patched in the open source SSL/TLS toolkit were discovered by ...

Cybersecurity researchers have discovered a JScript-based command-and-control (C2) framework called PeckBirdy that has been put to use by China-aligned APT actors since 2023 to target multiple ...

Abstract: Modern JavaScript engines employ multi-tier JIT compilation for high performance, but these aggressive optimizations often introduce subtle and hard-to-detect security vulnerabilities.