Latest news

CVE-2026-43898: Critical SandboxJS Escape (CVSS 10.0) Enables Full Host Takeover via npm
Vulnerability

CVE-2026-43898: Critical SandboxJS Escape (CVSS 10.0) Enables Full Host Takeover via npm

15 May 2026 dark6

A maximum-severity (CVSS 10.0) vulnerability in the SandboxJS npm library allows attackers to completely escape the JavaScript sandbox and execute...
Read more 0
CVSS 10.0: Critical Flowise AI Vulnerability Is Being Actively Exploited — 15,000+ Instances Still Exposed
AI

CVSS 10.0: Critical Flowise AI Vulnerability Is Being Actively Exploited — 15,000+ Instances Still Exposed

9 April 2026 dark6

A maximum-severity RCE vulnerability (CVE-2025-59528, CVSS 10.0) in the popular Flowise AI agent builder is under active attack. Over 15,000...
Read more 0
Chrome 143: A Patch Day For Deep Dive Cybersecurity Professionals
Vulnerability

Chrome 143: A Patch Day For Deep Dive Cybersecurity Professionals

3 December 2025 dark6

Google has just released Chrome 143, ushering in a new era of browser security with 13 addressed vulnerabilities. This release...
Read more 0