In March 2026, someone hijacked a maintainer account for Axios, a JavaScript HTTP library downloaded more than 45 million ...

A critical vulnerability in the popular Node.js sandboxing library vm2 allows escaping the sandbox and executing arbitrary ...

Proof-of-concept exploit code has been published for a critical remote code execution flaw in protobuf.js, a widely used JavaScript implementation of Google's Protocol Buffers. The tool is highly ...

If you have a JavaScript (*.js) file containing code, it's not unusual for your code to reference code held in another JavaScript file. If you're using more recent versions of Visual Studio, you'll ...

CVE-2026-44009 (CVSS score: 9.8) - A vulnerability that allows sandbox escape via a null proto exception and permits an ...

Visual Studio Code is a great, free, cross-platform, open source code editor with an extensive library of prebuilt extensions for all kinds of useful, add-on functionality. Sometimes, however, you don ...

Over the last few weeks, social media has been filled with complaints about Anthropic's Claude Code feeling slower and dumber, which was evident in the coding quality and the increased memory issues.

A flaw in Cursor’s AI agent lets malicious repositories trigger arbitrary code execution through routine Git operations, now ...

CLI-Anything generates SKILL.md files that AI agents trust and execute. Snyk found 13.4% of agent skills contain critical ...

Mozilla says Firefox 150 patches 271 vulnerabilities found with Anthropic’s restricted Mythos AI, highlighting how quickly AI-driven bug hunting is accelerating.