Resources

Critical vm2 Node.js Flaw Allows Sandbox Escape and Arbitrary Code Execution

A critical sandbox escape vulnerability has been disclosed in the popular vm2 Node.js library that, if successfully exploited, could allow attackers to run arbitrary code on the underlying operating system.
The vulnerability, tracked as CVE-2026-22709, carries a CVSS score of 9.8 out of 10.0 on the CVSS scoring system.
“In vm2 for version 3.10.0, Promise.prototype.then Promise.prototype.catch

Related resources

16 September 2025

Chaos Mesh Critical GraphQL Flaws Enable RCE and Full Kubernetes Cluster Takeover

Cybersecurity researchers have disclosed multiple critical security vulnerabilities in Chaos Mesh that, if successfully exploited, could lead to cluster takeover in Kubernetes environments. “Attackers need only minimal in-cluster network access […]

23 December 2025

Two Chrome Extensions Caught Secretly Stealing Credentials from Over 170 Sites

Cybersecurity researchers have discovered two malicious Google Chrome extensions with the same name and published by the same developer that come with capabilities to intercept traffic and capture user credentials. […]

7 October 2025

New Research: AI Is Already the #1 Data Exfiltration Channel in the Enterprise

For years, security leaders have treated artificial intelligence as an “emerging” technology, something to keep an eye on but not yet mission-critical. A new Enterprise AI and SaaS Data Security […]

Love? Actually: Fake dating app used as lure in targeted spyware campaign in Pakistan

Odd WebLogic Request. Possible CVE-2026-21962 Exploit Attempt or AI Slop?, (Wed, Jan 28th)

Resources

Critical vm2 Node.js Flaw Allows Sandbox Escape and Arbitrary Code Execution

Related resources

Chaos Mesh Critical GraphQL Flaws Enable RCE and Full Kubernetes Cluster Takeover

Two Chrome Extensions Caught Secretly Stealing Credentials from Over 170 Sites

New Research: AI Is Already the #1 Data Exfiltration Channel in the Enterprise

Links

Enterprise Solutions

SMB Solutions

Contact Us

Follow Us