-
A critical vulnerability has been discovered in n8n, an open-source automation and workflow platform, that could allow authenticated users to execute arbitrary commands on vulnerable systems. The flaw, tracked as CVE-2025-68668, affects all n8n version…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical path traversal vulnerability has been discovered in AdonisJS’s multipart file handling, potentially allowing remote attackers to write arbitrary files to server locations outside the intended upload directory. The vulnerability, tracke…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security experts at Zenity Labs warn that Anthropic’s new agentic browser extension, Claude in Chrome, could bypass traditional web security, exposing private data and login tokens to potential hijackers.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Eaton has issued a critical security advisory warning users about multiple high-severity vulnerabilities in its UPS Companion software that could allow attackers to execute arbitrary code on affected systems. The power management company released patch…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
QNAP has released a security advisory addressing multiple vulnerabilities in its License Center application. If left unpatched, these flaws could allow attackers to steal sensitive information, crash system processes, or modify memory on affected Netwo…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security researcher in “Martha Root” in Pink Power Ranger deletes white supremacist dating sites live onstage, leaks 8,000 profiles and 100GB of data at Chaos Communication Congress (CCC) 2025.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
RondoDox hackers exploit the React2Shell flaw in Next.js to target 90,000+ devices, including routers, smart cameras, and small business websites.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Over 3,000 organisations, predominantly in manufacturing, fell victim to a sophisticated phishing campaign in December 2025 that leveraged Google’s own application infrastructure to bypass enterprise email security controls. Attackers sent decept…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A high-severity security flaw has been discovered in GNU Wget2, a popular command-line tool used for downloading files from the web. The vulnerability, tracked as CVE-2025-69194, allows remote attackers to overwrite files on a user’s computer wit…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about a severe security flaw in WHILL Model C2 electric wheelchairs and Model F power chairs that could allow attackers to hijack the devices via Bluetooth. The vu…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
