Researchers disclose critical sandbox escape bug in vm2 sandbox library

The development team behind the vm2 JavaScript sandbox library addressed a critical Remote Code Execution vulnerability. The developers behind the vm2 JavaScript sandbox module have addressed a critical vulnerability, tracked as CVE-2023-29017 (CVSS score 9.8), that could be exploited to execute arbitrary shellcode. vm2 is a sandbox that can run untrusted code in an isolated context […]

The post Researchers disclose critical sandbox escape bug in vm2 sandbox library appeared first on Security Affairs.

April 9, 2023
Read More >>

Estonian National charged with helping Russia acquire U.S. hacking tools and electronics

Andrey Shevlyakov, an Estonian national, was charged in the US with conspiracy and other charges related to acquiring U.S.-made electronics on behalf of the Russian government and military. The Estonian man is accused of having helped the Russian government and military to purchase US-made electronics and hacking tools. The defendant was arrested in Estonia on […]

The post Estonian National charged with helping Russia acquire U.S. hacking tools and electronics appeared first on Security Affairs.

April 9, 2023
Read More >>

CISA adds Veritas Backup Exec flaws to its Known Exploited Vulnerabilities catalog

US CISA has added Veritas Backup Exec flaws, which were exploited in ransomware attacks, to its Known Exploited Vulnerabilities catalog. U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added the following five new issues to its Known Exploited Vulnerabilities Catalog: This week Mandiant researchers reported that an affiliate of the ALPHV/BlackCat ransomware gang, tracked as UNC4466, was observed […]

The post CISA adds Veritas Backup Exec flaws to its Known Exploited Vulnerabilities catalog appeared first on Security Affairs.

April 9, 2023
Read More >>