China-linked Amaranth-Dragon and Mustang Panda target Southeast Asian governments using WinRAR exploit and PlugX phishing ...

By tapping the unusual .scr file type, attackers leverage "executables that don't always receive executable-level controls," ...

Multiple critical vulnerabilities in the popular n8n open-source workflow automation platform allow escaping the confines of ...

Critical remote code execution and database theft flaws highlight patching gaps and the hidden risk inside business ...

Indian government has revealed multiple vulnerabilities which could allow a remote attacker to execute arbitrary code on the targeted system and access sensitive data.

In a a robust Hacker News thread sparked by Jamf Threat Labs research, a VS Code team member defended the editor's Workspace ...

A high-severity OpenClaw flaw allows one-click remote code execution via token theft and WebSocket hijacking; patched in ...

A new around of vulnerabilities in the popular AI automation platform could let attackers hijack servers and steal ...

Two vulnerabilities in n8n’s sandbox mechanism could be exploited for remote code execution (RCE) on the host system.

A JavaScript sandbox bug rated CVSS 9.9 enables attackers to bypass AST‑based protections, while a Python execution bypass ...

The bug, tracked as CVE-2025-8088, is a path traversal flaw that affects the Windows version of the decompression tool. It ...

Two vulnerabilities in the n8n workflow automation platform could allow attackers to fully compromise affected instances, access sensitive data, and execute arbitrary code on the underlying host.