The Hacker News

Critical n8n Flaw (CVSS 9.9) Enables Arbitrary Code Execution Across Thousands of Instances

Critical n8n flaw CVE-2025-68613 (CVSS 9.9) lets authenticated users run arbitrary code; versions 0.211.0–1.120.4 affected, ...
Security Boulevard

Best of 2025: LDAPNightmare: SafeBreach Labs Publishes First Proof-of-Concept Exploit for CVE-2024-49112

SafeBreach researchers developed a zero-click PoC exploit that crashes unpatched Windows Servers using the Windows ...

Cyata flags agentic AI supply-chain risk in Cursor remote code execution bug

A new report out today from artificial intelligence security startup Cyata Security Ltd. details a critical remote code ...

New critical WatchGuard Firebox firewall flaw exploited in attacks

WatchGuard has warned customers to patch a critical, actively exploited remote code execution (RCE) vulnerability in its ...
SecurityWeek

WatchGuard Patches Firebox Zero-Day Exploited in the Wild

WatchGuard warns that the critical Firebox vulnerability CVE-2025-14733 has been exploited in attacks for remote code ...
Security Boulevard

Real Attacks of the Week: How Spyware Beaconing and Exploit Probing Are Shaping Modern Intrusions

Over the past week, enterprise security teams observed a combination of covert malware communication attempts and aggressive probing of publicly exposed infrastructure. These incidents, detected ...
CSO Online

HPE OneView vulnerable to remote code execution attack

An unauthenticated user can execute the attack, and there’s no mitigation, just a hotfix that should be applied immediately.

Remote Maintenance ScreenConnect: Critical vulnerability allows code execution

In the remote maintenance software Connectwise ScreenConnect, authenticated attackers can inject malicious code. An update is available.

Google links more Chinese hacking groups to React2Shell attacks

Over the weekend, ​Google's threat intelligence team linked five more Chinese hacking groups to attacks exploiting the ...