Critical sandbox escape flaw discovered in popular vm2 NodeJS library

A critical-severity vulnerability in the vm2 Node.js sandbox library, tracked as CVE-2026-22709, allows escaping the sandbox and executing arbitrary code on the underlying host system.
InfoQ

Aspire 13.1 Brings MCP Integration, CLI Enhancements, and Azure Deployment Updates

Aspire 13.1 has been released as an incremental update that builds on the polyglot platform foundation introduced with Aspire ...
InfoQ

Two Missing Characters: How a Regex Flaw Exposed AWS GitHub Repos to Supply-Chain Risk

AWS recently published a security bulletin acknowledging a configuration issue affecting some popular AWS-managed open-source ...
GitHub

thc1006/nephoran-intent-operator

The Nephoran Intent Operator is a proof-of-concept cloud-native platform that demonstrates the potential of intent-driven telecommunications orchestration. This MVP showcases how natural language ...
SecurityWeek

North Korean Hackers Target macOS Developers via Malicious VS Code Projects

North Korean hackers target macOS developers with malware hidden in Visual Studio Code task configuration files.