A critical remote code execution vulnerability has left over 100,000 n8n workflow automation instances exposed to potential cyberattacks. The Shadowserver Foundation disclosed that 105,753 vulnerable instances were identified on January 9, 2026, repres…

Security researchers have discovered critical vulnerabilities in InputPlumber, a Linux input device utility used in SteamOS, that could allow attackers to inject keystrokes, leak sensitive information, and cause denial-of-service conditions. The flaws,…

Trend Micro has issued a critical security update for Apex Central to address multiple remotely exploitable vulnerabilities, including a bug that allows unauthenticated attackers to execute code with SYSTEM-level privileges.  Organizations running vuln…

Linux administrators are being urged to update promptly after disclosures of multiple vulnerabilities in GitLab, including flaws that could enable cross-site scripting, authorization bypass, and denial of service in selfmanaged instances…

Eaton has issued a critical security advisory warning users about multiple high-severity vulnerabilities in its UPS Companion software that could allow attackers to execute arbitrary code on affected systems. The power management company released patch…

QNAP has released a security advisory addressing multiple vulnerabilities in its License Center application. If left unpatched, these flaws could allow attackers to steal sensitive information, crash system processes, or modify memory on affected Netwo…

A sophisticated credential-stealing campaign named “Operation PCPcat” has compromised over 59,000 Next.js servers worldwide, exploiting critical vulnerabilities in the popular React framework to harvest sensitive authentication data at indu…

The Shadowserver Foundation has identified over 25,000 internet-facing Fortinet devices globally with FortiCloud Single Sign-On (SSO) functionality enabled, raising concerns about potential exposure to critical authentication bypass vulnerabilities. Th…