Microsoft

Developer-targeting campaign using malicious Next.js repositories

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...
GitHub

throw new ERR_MODULE_NOT_FOUND

Error [ERR_MODULE_NOT_FOUND]: Cannot find module 'D:\Nodejs\node-v20.19.4-win-x64\node_global\node_modules@google\gemini-cli\node_modules@google\gemini-cli-core\dist ...
The Hacker News

Microsoft Warns Developers of Fake Next.js Job Repos Delivering In-Memory Malware

While the Windows maker did not attribute the activity to a specific threat actor, the use of VS Code tasks and Vercel ...
GitHub

clawdhub@0.3.0 on npm missing dependency 'undici' (ERR_MODULE_NOT_FOUND)

Repro (Linux, Node v22.20.0, npm 10.9.3):\n\n1) npm i -g clawdhub@0.3.0\n2) clawdhub search "calendar"\n\nResult:\n\nError [ERR_MODULE_NOT_FOUND]: Cannot find package ...
Bleeping Computer

Critical sandbox escape flaw found in popular vm2 NodeJS library

A critical-severity vulnerability in the vm2 Node.js sandbox library, tracked as CVE-2026-22709, allows escaping the sandbox and executing arbitrary code on the underlying host system. The open-source ...
Circuit Digest

NeuroBand: The Smart Safety Band

NeuroBand is a specialized smart safety armband engineered to provide timely assistance to elderly and high-risk individuals ...
The Hacker News

Critical vm2 Node.js Flaw Allows Sandbox Escape and Arbitrary Code Execution

A critical sandbox escape vulnerability has been disclosed in the popular vm2 Node.js library that, if successfully exploited, could allow attackers to run arbitrary code on the underlying operating ...