Multiple critical vulnerabilities in the popular n8n open-source workflow automation platform allow escaping the confines of ...

Critical n8n v CVE-2026-25049 allows authenticated workflow abuse to execute system commands and expose server data.

CISA added VMware vCenter vulnerability CVE-2024-37079 to its KEV list after confirmed in-the-wild exploitation, urging ...

Google released a Chrome security update fixing two high-severity flaws that could enable code execution or crashes via ...

A Chinese state-sponsored actor was seen exploiting a WinRAR bug, soon after the Russians.

OpenSSL updates released on Tuesday patch a dozen vulnerabilities, including a high-severity remote code execution flaw.

CISA warns that a fresh critical-severity SolarWinds vulnerability leading to unauthenticated RCE has been exploited in attacks.

A decade-old critical security vulnerability affects over 800,000 internet-exposed telnet servers, with reports of active ...

A hacking campaign took just days to exploit a newly disclosed security vulnerability in Microsoft Windows version of WinRAR, ...

A new threat actor called Amaranth Dragon, linked to APT41 state-sponsored Chinese operations, exploited the CVE-2025-8088 ...

CVE-2026-21962 is a critical (CVSS 10.0) vulnerability in the Oracle HTTP Server and the WebLogic Server Proxy Plug-in for Apache HTTP Server and Microsoft IIS. An unauthenticated attacker with HTTP ...

A US security agency has warned SolarWinds Web Help Desk users that a remote code execution (RCE) vulnerability patched by ...