January 2026 was a wake-up month for enterprise security teams. In a single week, CERT-In released three high-severity ...

The Model Context Protocol just got its first official extension, and it changes what AI assistants can do. MCP Apps lets tools return interactive user interfaces—dashboards, forms, visualizations, ...

The RedKitten campaign distributes lures designed to target people seeking information about missing persons or political dissidents in Iran ...

The rapid adoption of AI agents has exposed a structural security problem in the Model Context Protocol. Due to a lack of authentication, hundreds of MCP ...

Two vulnerabilities in n8n’s sandbox mechanism could be exploited for remote code execution (RCE) on the host system.

A critical vm2 Node.js vulnerability (CVE-2026-22709, CVSS 9.8) allows sandbox escape via Promise handler bypass.

Researchers disclosed two n8n vulnerabilities that let authenticated users bypass JavaScript and Python sandboxes to run ...

A JavaScript sandbox bug rated CVSS 9.9 enables attackers to bypass AST‑based protections, while a Python execution bypass ...

Two vulnerabilities in the n8n workflow automation platform could allow attackers to fully compromise affected instances, access sensitive data, and execute arbitrary code on the underlying host.

To exploit the vulnerability, an attacker would need either system access or be able to convince a user to open a malicious ...

Two critical security flaws in n8n have exposed sandboxing vulnerabilities, enabling remote code execution for attackers ...

Disrupting left superior frontal sulcus selectively impaired perceptual but not value-based decisions, revealing segregated ...