Infosecurity Magazine

Critical and High Severity n8n Sandbox Flaws Allow RCE

Two critical security flaws in n8n have exposed sandboxing vulnerabilities, enabling remote code execution for attackers ...
The Hacker News

Critical vm2 Node.js Flaw Allows Sandbox Escape and Arbitrary Code Execution

A critical vm2 Node.js vulnerability (CVE-2026-22709, CVSS 9.8) allows sandbox escape via Promise handler bypass.

New sandbox escape flaw exposes n8n instances to RCE attacks

Two vulnerabilities in the n8n workflow automation platform could allow attackers to fully compromise affected instances, ...
CSO Online

Unplugged holes in the npm and yarn package managers could let attackers bypass defenses against Shai-Hulud

A researcher at Koi Security says the two key platforms have not plugged the vulnerabilities enabling the worm attacks, and ...

Judge weighing whether to allow April votes on new Missouri property tax caps

While the Kansas City Chiefs are leaving Missouri and won’t use the incentives lawmakers created for them last summer, the ...

Miami officials reject item to allow affordable housing on church and civic land

In recent years, South Florida has already seen more religious organizations sell their land to developers.

Critical sandbox escape flaw found in popular vm2 NodeJS library

A critical-severity vulnerability in the vm2 Node.js sandbox library, tracked as CVE-2026-22709, allows escaping the sandbox and executing arbitrary code on the underlying host system.
SecurityWeek

Chrome, Edge Extensions Caught Stealing ChatGPT Sessions

LayerX discovered 16 extensions in the Chrome Web Store and Microsoft Edge Add-ons marketplace that steal users’ ChatGPT ...

Israel eyes opening Rafah crossing, Gaza's gate to Egypt

After being closed since May 2024, the Rafah crossing will likely soon reopen, allowing people to move between Gaza and Egypt ...

Italian government plays down role of ICE agents at Olympics after public outcry

Officers at Milan Cortina Games will work ‘exclusively in diplomatic premises’ at U.S. consulate, minister says ...

AT&T bets on fibre, spectrum deals to forecast annual profit above estimates

The bullish forecast hinges on AT&T’s infrastructure push, anchored by two major deals – a nearly US$6-billion purchase of ...

Donald Trump is no chump and won't allow slaughter in Iran, says US ambassador to Israel

Mike Huckabee spoke about the possibility of military intervention in Iran, as well as Britain's recognition of the state of Palestine - saying that decision was "ill-timed" and "very damaging".