The maintainers of the vm2 JavaScript sandbox module have shipped a patch to address a critical flaw that could be abused to break out of security boundaries and execute arbitrary shellcode.
The flaw, which affects all versions, including and prior to 3.9.14, was reported by researchers from South Korea-based KAIST WSP Lab on April 6, 2023, prompting vm2 to release a fix with version 3.9.15 on Friday.
“A threat actor can bypass the sandbox protections to gain remote code execution rights on the host running the sandbox,” vm2 disclosed in an advisory.
In 1971, artist Harold Cohen (1928 – 2016) became a visiting scholar at Stanford’s Artificial Intelligence Laboratory. There, he created a computer program called Aaron to answer the question, “What are the minimum conditions under which a set of marks functions as an image?”
The first iteration of Aaron generated abstract drawings. Later iterations in the 1980s drew rocks, plants, people, and other animals. Cohen’s program was one of the first examples of how AI could be used in creative fields like art.
Ukrainian troops have been using Corvo Precision Payload Delivery System (PPDS) drones that are made out of cardboard. At least 100 of the flat-packed drones are being supplied to Ukraine each month, as per a report by The Australian. These cardboard UAVs allow Ukrainian forces to drop bombs, deliver supplies and undertake vital reconnaissance missions. Watch the video to find out what the Precision Payload Delivery System is?
Former Lockheed Martin Skunkworks Senior Scientist comes out about Antigravity Propulsion Devices and how they tie into what is known as “Singularity” which allow you to move anywhere within the universe instantaneously.
Humans have this technology, and have had for more than 50 years.
According to reports, the Taiwanese computer hardware company MSI (Micro-Star International) was recently joined to the list of victims of a new ransomware gang that goes by the name “Money Message.” The perpetrators of the cybercrime say that they have taken source code along with other critical material from the company’s network. MSI is a world-renowned leader in the production of computer components, such as motherboards, graphics cards, desktop computers, laptop computers, servers, and other electronic equipment. It brings in more than $6.5 billion in income every year.
Money Message has included MSI on the website that it maintains for the publication of leaked material and has published images of the company’s CTMS and ERP databases in addition to files that include software source code, private keys, and BIOS firmware. If MSI does not comply with the threat actors’ demand for a ransom payment, they will now threaten to release all of the information that was taken.
The Turritopsis dohrnii jellyfish doesn’t die a natural death after it ages, but perpetually returns to infancy. Here’s what scientists are hoping to learn from it.
