Bleeping Computer

Critical vm2 sandbox bug lets attackers execute code on hosts

A critical vulnerability in the popular Node.js sandboxing library vm2 allows escaping the sandbox and executing arbitrary code on the host system. The security issue is tracked as CVE-2026-26956 and ...
Bleeping Computer

Microsoft Outlook to block more risky attachments used in attacks

Microsoft announced it will expand the list of blocked attachments in Outlook Web and the new Outlook for Windows starting next month. The company said on Monday in a Microsoft 365 Message Center ...