Critical vm2 sandbox bug lets attackers execute code on hosts

A critical vulnerability in the popular Node.js sandboxing library vm2 allows escaping the sandbox and executing arbitrary ...

Why Chrome may have quietly downloaded a 4GB file to your PC - and how to get rid of it

The file, which appears to be related to Google's on-device AI model, is harmless enough. Here's why some users may still be ...
Microsoft

ClickFix campaign uses fake macOS utilities lures to deliver infostealers

Threat actors are targeting macOS users with fake utility fixes that trick them into running malicious Terminal commands.