CSO Online

13 new critical holes in JavaScript sandbox allow execution of arbitrary code

Thirteen critical vulnerabilities have been found in the vm2 JavaScript sandbox package that could allow an attacker’s code ...
Threat Post

Lexmark Printers Open to Arbitrary Code-Execution Zero-Day

“No remedy available as of June 21, 2021,” according to the researcher who discovered the easy-to-exploit, no-user-action-required bug. Lexmark printers – those ubiquitous, inky office workhorses that ...
Microsoft

When prompts become shells: RCE vulnerabilities in AI agent frameworks

New research exposes how prompt injection in AI agent frameworks can lead to remote code execution. Learn how these ...
CSOonline

Researchers uncover RCE attack chains in popular enterprise credential vaults

Researchers have found 14 logic flaws in various components of HashiCorp Vault and CyberArk Conjur, two open-source credential management systems, allowing attacks that could bypass authentication ...