WinRAR path traversal flaw still exploited by numerous hackers

Multiple threat actors, both state-sponsored and financially motivated, are exploiting the CVE-2025-8088 high-severity ...

Critical sandbox escape flaw discovered in popular vm2 NodeJS library

A critical-severity vulnerability in the vm2 Node.js sandbox library, tracked as CVE-2026-22709, allows escaping the sandbox and executing arbitrary code on the underlying host system.
The Hacker News

Malicious VS Code AI Extensions with 1.5 Million Installs Steal Developer Source Code

Security researchers found two AI-branded VS Code extensions with 1.5M installs that covertly send source code and files to ...
GitHub

AST :: ASS Subtitles Translate

1/ Install a working distribution of Python 3 in your computer. (Tested with Python 3.11.0) 2/ Create a virtual environment somewhere in your system. 3/ Activate your virtual environment. 4/ Install ...
IEEE

Good News for Script Kiddies? Evaluating Large Language Models for Automated Exploit Generation

Abstract: Large Language Models (LLMs) have demonstrated remarkable capabilities in code-related tasks, raising concerns about their potential for automated exploit generation (AEG). This paper ...