Critical sandbox escape flaw discovered in popular vm2 NodeJS library

A critical-severity vulnerability in the vm2 Node.js sandbox library, tracked as CVE-2026-22709, allows escaping the sandbox and executing arbitrary code on the underlying host system.
The Hacker News

ClickFix Attacks Expand Using Fake CAPTCHAs, Microsoft Scripts, and Trusted Web Services

ClickFix uses fake CAPTCHAs and a signed Microsoft App-V script to deploy Amatera stealer on enterprise Windows systems.
Cybernews

North Korea is turning open-source projects into malware traps

North Korea is doubling down on a familiar playbook by weaponizing trust in open-source software and developer workflows. The ...

Windows 11 25H2 vs Windows 10: Which is Faster for Gaming?

Microsoft loves to promote Windows 11 25H2's AI features and other improvements, but can it game faster than Windows 10? We tested 14 modern titles to ...
XDA Developers on MSN

How to enable DLSS 4.5 on any supported GPU

If you're running any RTX series GPU, you can try out the new DLSS 4.5.