The Hacker News

Critical n8n Flaws Allow Remote Code Execution and Exposure of Stored Credentials

Two critical n8n flaws (CVSS 9.4, 9.5) enable RCE via expression sandbox escape and public forms, risking credential exposure ...
The Hacker News

Dozens of Vendors Patch Security Flaws Across Enterprise Software and Network Devices

SAP patches two critical flaws (CVSS 9.8, 9.1) affecting FS-QUO and NetWeaver, preventing remote code execution risks in enterprise systems.
SecurityWeek

Fortinet, Ivanti, Intel Patch High-Severity Vulnerabilities

Fortinet, Ivanti, and Intel have released fixes for dozens of vulnerabilities, including high-severity bugs leading to code execution.

CISA orders feds to patch n8n RCE flaw exploited in attacks

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ordered government agencies on Wednesday to patch their systems against an actively exploited n8n vulnerability.
Hackaday

Arbitrary Code Execution Over Radio

Computers connected to networks are constantly threatened by attackers who seek to exploit vulnerabilities wherever they can find them. This risk is particularly high for machines connected to the ...
SecurityWeek

ICS Patch Tuesday: Vulnerabilities Fixed by Siemens, Schneider, Moxa, Mitsubishi Electric

Industrial giants Siemens, Schneider Electric, Mitsubishi Electric, and Moxa have published new ICS Patch Tuesday advisories.
Bleeping Computer

R language flaw allows code execution via RDS/RDX files

A new vulnerability has been discovered in the R programming language that allows arbitrary code execution upon deserializing specially crafted RDS and RDX files. R is an open-source programming ...
American Hospital Association

H-ISAC TLP White Vulnerability Bulletin Remote Code Execution Vulnerability in Juniper Networks PTX Series

Juniper Networks recently published an advisory regarding a critical vulnerability, CVE-2026-21902, affecting Junos OS Evolved on PTX Series routers. This flaw allows an unauthenticated, network-based ...
InfoQ

TorchServe Potentially Exposed to Remote Code Execution

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...
TechJuice

Researchers Claim Malicious Repositories Turn Claude Code Into an Ideal Hacker’s Tool

Security researchers disclose critical vulnerabilities in Anthropic’s Claude Code that allow remote code execution and credential theft.
Network World

Google discloses unpatched IE vulnerability after Patch Tuesday delay

Google’s Project Zero team has disclosed a potential arbitrary code execution vulnerability in Internet Explorer because Microsoft has not acted within Google’s 90-day disclosure deadline. This is the ...
Computerworld

PHP 5.3.10 fixes critical remote code execution vulnerability

The PHP Group released PHP 5.3.10 on Thursday in order to address a critical security flaw that can be exploited to execute arbitrary code on servers running an older version of the Web development ...