Security news aggregator

Latest coverage for Sandbox

Stay secure in the cyber world: Explore articles, latest trends, and expert insights on sandbox technology in information security. Click to learn more!

133 headlines in this view

Sandbox is a security mechanism used to execute, test, and analyze suspicious code or programs in an isolated environment. Within the realm of information security, a sandbox acts as a containment area where potentially harmful software can run without affecting the host device or network.

This technique provides an additional layer of security by enabling cybersecurity professionals to safely scrutinize the behavior of code without the risk of compromising the system's integrity. By leveraging sandboxes, organizations can thwart the execution of malicious software, understand attack vectors, and develop stronger defenses against future threats.

Showing 20 most recent headlines of 133 Filtered view

The Register 2 weeks ago

Even Claude agrees: hole in its sandbox was real and dangerous

Another day, another AI bug silently fixed with no CVE and no public disclosure

More from The Register 21 May 2026, 8:34 a.m. Artificial Intelligence CVE Disclosure Fixed Sandbox

The Hacker News 3 weeks, 6 days ago

vm2 Node.js Library Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution

A dozen critical security vulnerabilities have been disclosed in the vm2 Node.js library that could be exploited by bad actors to break out of the sandbox and execute arbitrary code on susceptible systems

More from The Hacker News 7 May 2026, 4:15 p.m. Incident · 3 stories Critical Disclosure JavaScript Library Node.js Open Source Sandbox Vulnerability

Bleeping Computer 4 weeks ago

Critical vm2 sandbox bug lets attackers execute code on hosts

A critical vulnerability in the popular Node.js sandboxing library vm2 allows escaping the sandbox and executing arbitrary code on the host system. [...]

More from Bleeping Computer 7 May 2026, 6:38 a.m. Incident · 3 stories Critical Library Node.js Sandbox Vulnerability

The Hacker News 1 month, 1 week ago

Cohere AI Terrarium Sandbox Flaw Enables Root Code Execution, Container Escape

A critical security vulnerability has been disclosed in a Python-based sandbox called Terrarium that could result in arbitrary code execution

More from The Hacker News 22 Apr 2026, 7:16 p.m. Incident · 3 stories Artificial Intelligence CVE Critical Disclosure Flaw JavaScript Python Root Sandbox Vulnerability

Dark Reading 1 month, 1 week ago

Google Fixes Critical RCE Flaw in AI-Based 'Antigravity' Tool

The prompt-injection vulnerability in the agentic AI product for filesystem operations was a sanitization issue that allowed for sandbox escape and arbitrary code execution.

More from Dark Reading 22 Apr 2026, 3:00 a.m. Incident · 3 stories Artificial Intelligence Critical Flaw Google Remote Code Execution Sandbox Tools Vulnerability

Cyber Scoop 1 month, 2 weeks ago

Vuln in Google’s Antigravity AI agent manager could escape sandbox, give attackers remote code execution

Google’s highest security setting for its agents runs command operations through a sandbox and throttles network access, but is still vulnerable to prompt injection. The post Vuln in Google’s Antigravity AI agent manager could escape sandbox, give attackers remote code execution appeared first on CyberScoop.

More from Cyber Scoop 21 Apr 2026, 9:17 a.m. Incident · 3 stories Artificial Intelligence Google Remote Code Execution Sandbox Vulnerability

The Register 1 month, 2 weeks ago

Patch these critical Fortinet sandbox bugs that let attackers bypass login, run commands over HTTP

No reports of active exploitation (yet) Watch out for more Fortinet vulns! Two critical bugs in Fortinet's sandbox could allow unauthenticated attackers to bypass authentication or execute unauthorized code on vulnerable systems.…

More from The Register 16 Apr 2026, 5:52 a.m. Incident · 2 stories Authentication Bypass Critical Fortinet Patch Sandbox Unauthenticated Vulnerability

The Hacker News 1 month, 3 weeks ago

EngageLab SDK Flaw Exposed 50M Android Users, Including 30M Crypto Wallet Installs

Details have emerged about a now-patched security vulnerability in a widely used third-party Android software development kit (SDK) called EngageLab SDK that could have put millions of cryptocurrency wallet users at risk

More from The Hacker News 10 Apr 2026, 5:26 a.m. Android Antivirus Bypass Cryptocurrency Exposure Flaw Microsoft Patch Sandbox Vulnerability Widely Used

Bank Info Security 2 months, 1 week ago

Speed, Judgment and Behavior: AI's Defense Mandate

Capitol Meridian Partners' Niloofar Razi on Innovation Sandbox, AI-Driven OffenseCybersecurity can no longer stop at the system boundary. Organizations must understand how humans and AI agents behave, and intervene before attackers exploit that behavior, says Niloofar Razi, operating partner at Capitol Meridian Partners.

More from Bank Info Security 27 Mar 2026, 6:00 a.m. Artificial Intelligence Exploit Sandbox

Dark Reading 2 months, 1 week ago

AI Dominates RSAC Innovation Sandbox

Ten finalists had three minutes to make their case for being the most innovative, promising young security company of the year. Geordie AI wins the 2026 contest.

More from Dark Reading 26 Mar 2026, 4:03 a.m. Artificial Intelligence Contest Sandbox

The Hacker News 2 months, 2 weeks ago

AI Flaws in Amazon Bedrock, LangSmith, and SGLang Enable Data Exfiltration and RCE

Cybersecurity researchers have disclosed details of a new method for exfiltrating sensitive data from artificial intelligence (AI) code execution environments using domain name system (DNS) queries

More from The Hacker News 18 Mar 2026, 5:39 a.m. Amazon Artificial Intelligence DNS Data Exfiltration Disclosure Exploit Flaw Remote Code Execution Report Research Sandbox

The Hacker News 2 months, 3 weeks ago

Critical n8n Flaws Allow Remote Code Execution and Exposure of Stored Credentials

Cybersecurity researchers have disclosed details of two now-patched security flaws in the n8n workflow automation platform, including two critical bugs that could result in arbitrary command execution

More from The Hacker News 12 Mar 2026, 3:51 a.m. Automation CVE Credentials Critical Disclosure Exposure Flaw Patch Remote Code Execution Research Sandbox Unauthenticated Vulnerability

Bank Info Security 3 months, 2 weeks ago

Cyber Startups to Take Innovation Spotlight at RSAC 2026

As Innovation Sandbox Turns 21, AI-Based Solutions Dominate Annual ContestNext month in San Francisco, the Innovation Sandbox at RSAC Conference will celebrate its 21st year of choosing key emerging solutions in cybersecurity. Past winners and finalists range from EDR and XDR giant SentinelOne in 2014 to cloud security phenom Wiz in 2021.

More from Bank Info Security 18 Feb 2026, 11:00 a.m. Artificial Intelligence Cloud Conference Contest EDR Sandbox Startup XDR

The Register 3 months, 2 weeks ago

Google patches Chrome zero-day as in-the-wild exploits surface

High-severity CSS flaw let malicious webpages run code inside the sandbox Google has quietly pushed out an emergency Chrome fix after attackers were caught exploiting the browser's first reported zero-day of 2026.…

More from The Register 17 Feb 2026, 1:39 a.m. 0-Day Chrome Exploit Flaw Google Patch Sandbox

Bleeping Computer 3 months, 4 weeks ago

CISA: VMware ESXi flaw now exploited in ransomware attacks

CISA confirmed on Wednesday that ransomware gangs have begun exploiting a high-severity VMware ESXi sandbox escape vulnerability that was previously used in zero-day attacks. [...]

More from Bleeping Computer 5 Feb 2026, 6:38 a.m. 0-Day CISA Flaw Ransomware Sandbox VMware Virtualisation Vulnerability

Bank Info Security 4 months ago

Idis Surveillance Management Software Vulnerable to Hacking

Web-Based Client on Local Host Didn't Sanitize InputsVideo camera surveillance management software made by South Korean manufacturer Idis is susceptible to a one-click attack giving hackers the power to execute arbitrary code. The vulnerability allows an attacker to escalate beyond the browser sandbox and achieve code execution on the host.

More from Bank Info Security 29 Jan 2026, 10:00 a.m. Hacking Sandbox South Korea Video Vulnerability

Bleeping Computer 4 months ago

New sandbox escape flaw exposes n8n instances to RCE attacks

Two vulnerabilities in the n8n workflow automation platform could allow attackers to fully compromise affected instances, access sensitive data, and execute arbitrary code on the underlying host. [...]

More from Bleeping Computer 29 Jan 2026, 6:46 a.m. Automation Compromise Flaw Remote Code Execution Sandbox Vulnerability

Info Security Magazine 4 months ago

Critical and High Severity n8n Sandbox Flaws Allow RCE

Two critical security flaws in n8n have exposed sandboxing vulnerabilities, enabling remote code execution for attackers

More from Info Security Magazine 29 Jan 2026, 5:00 a.m. Critical Exposure Flaw Remote Code Execution Sandbox Vulnerability

The Hacker News 4 months ago

Critical vm2 Node.js Flaw Allows Sandbox Escape and Arbitrary Code Execution

A critical sandbox escape vulnerability has been disclosed in the popular vm2 Node.js library that, if successfully exploited, could allow attackers to run arbitrary code on the underlying operating system

More from The Hacker News 29 Jan 2026, 3:01 a.m. CVE Critical Disclosure Flaw Library Node.js Sandbox Vulnerability

Info Security Magazine 4 months, 1 week ago

Pyodide Sandbox Escape Enables Remote Code Execution in Grist-Core

Critical sandbox escape vulnerability in Grist-Core enables remote code execution via a malicious formula

More from Info Security Magazine 28 Jan 2026, 5:45 a.m. Critical Remote Code Execution Sandbox Vulnerability

Loading more headlines...