Bleeping Computer

Critical sandbox escape flaw found in popular vm2 NodeJS library

A critical-severity vulnerability in the vm2 Node.js sandbox library, tracked as CVE-2026-22709, allows escaping the sandbox and executing arbitrary code on the underlying host system. The open-source ...
blockchain

GitHub Actions Cache Gets 200 Upload-Per-Minute Rate Limit

GitHub introduces rate limiting for Actions cache entries at 200 uploads per minute per repository, addressing system stability concerns from high-volume uploads. GitHub has implemented a new rate ...
GitHub

Agentless, zero-dependency diagnostic data collection tool for PostgreSQL and system metrics.

radar supports Linux and macOS. Collectors: Some system collectors are platform-specific. Linux-only collectors (systemd, SELinux, /proc, /sys filesystems) will be skipped on macOS. macOS uses ...
Bleeping Computer

New FileFix attack uses cache smuggling to evade security software

A new variant of the FileFix social engineering attack uses cache smuggling to secretly download a malicious ZIP archive onto a victim’s system and bypassing security software. The new phishing and ...
GitHub

Cache Client Key for PostgreSQL SASL

SCRAM-SHA-256 is slow and expensive, especially when the number of iterations is high (the default is 4096). Even if we've potentially mitigated the event loop blocking in #4006, it's still a high ...
IEEE

On Design Space Exploration of Cache System in Multi-Chiplet Systems

Abstract: While multi-chiplet based many-core systems have emerged as a viable solution for heterogeneous integration and addressing manufacturing and technological challenges in the post-Moore’s Law ...
Hacker

I Built a WordPress-like Hook System for Node.js to Decouple My Code

Your browser does not support the audio element. If you've ever built a large Node.js application, you've probably felt the pain of tightly-coupled code. As features ...