The Hacker News

New n8n Vulnerability (9.9 CVSS) Lets Authenticated Users Execute System Commands

Critical n8n flaw CVE-2025-68668 allows authenticated users to run system commands via workflows; affects versions 1.0.0 to ...
SecurityWeek

Critical Dolby Vulnerability Patched in Android

The flaw is tracked as CVE-2025-54957 and its existence came to light in October 2025 after it was discovered by Google ...

DryRun Security Builds Momentum With Breakthroughs in AI-Native Code Security Intelligence

DryRun Security, the industry’s first AI-native, code security intelligence company, has completed its first year out of ...
The Hacker News

Critical AdonisJS Bodyparser Flaw (CVSS 9.2) Enables Arbitrary File Write on Servers

A critical CVSS 9.2 flaw in AdonisJS bodyparser lets attackers write arbitrary files via path traversal when uploads are ...
Dark Reading

RondoDox Botnet Expands Scope With React2Shell Exploitation

Recent attacks are targeting Next.js servers and pose a significant threat of cryptomining and other malicious activity to ...
SecurityWeek

CISA KEV Catalog Expanded 20% in 2025, Topping 1,480 Entries

The CISA KEV catalog was expanded with 245 vulnerabilities in 2025, including 24 flaws exploited by ransomware groups.

Pakistan Faced Over 50 Critical Cybersecurity Flaws on a National Scale: NCERT

The National Computer Emergency Response Team (PKCERT) issued 53 cybersecurity advisories in 2025, warning users and ...
Hit Points on MSN

Apple tells 1.8 billion iPhone users to update now over 'extremely sophisticated attack'

Apple urgently warned 1.8 billion iPhone and iPad users of two zero-day vulnerabilities under active exploitation in ...
Dagens.com on MSN

The five AI security threats that moved from theory to reality in 2025

Artificial intelligence promised a leap in productivity this year, particularly as agentic systems began creeping into ...
BroadwayWorld

Interview: Sarah Alida LeClair on AUDITION SIDES and the Audition, the Ex, and the Things Never Said, by Riot Productions

Interview with playwright, performer, and Riot Productions co-founder Sarah Alida LeClair to talk about 'Audition Sides,” a ...
InfoWorld

Open WebUI bug turns the ‘free model’ into an enterprise backdoor

The bug allows attacker-controlled model servers to inject code, steal session tokens, and, in some cases, escalate to remote ...