MP1st

Helldivers 2 Version 5.0.2 Brings Redacted Regiment Warbond via Update 1.005.002

Helldivers 2 update 1.005.002 is now out as version 5.0.2, and this brings the Redacted Regiment Warbond content this January ...
The Hacker News

Fake Python Spellchecker Packages on PyPI Delivered Hidden Remote Access Trojan

Two fake spellchecker packages on PyPI hid a Python RAT in dictionary files, activating malware on import in version 1.2.0.

Critical sandbox escape flaw found in popular vm2 NodeJS library

A critical-severity vulnerability in the vm2 Node.js sandbox library, tracked as CVE-2026-22709, allows escaping the sandbox and executing arbitrary code on the underlying host system.
The Hacker News

Malicious VS Code AI Extensions with 1.5 Million Installs Steal Developer Source Code

Security researchers found two AI-branded VS Code extensions with 1.5M installs that covertly send source code and files to ...
CSO Online

Critical bug in popular vm2 Node.js sandboxing library puts projects at risk

Sandbox escape vulnerability in vm2, used by nearly 900 NPM packages, allows attackers to bypass security protections and ...

Research reveals how these simple Chrome extensions are hawking your privacy

Research shows that even simple Chrome extensions can quietly invade user privacy, with some hijacking clipboards, ...