New sandbox escape flaw exposes n8n instances to RCE attacks

Two vulnerabilities in the n8n workflow automation platform could allow attackers to fully compromise affected instances, access sensitive data, and execute arbitrary code on the underlying host.
SecurityWeek

Chrome, Edge Extensions Caught Stealing ChatGPT Sessions

LayerX discovered 16 extensions in the Chrome Web Store and Microsoft Edge Add-ons marketplace that steal users’ ChatGPT ...
Ecommerce Fastlane

What Is A Website Crawler? 12 Bot Management Strategies

Think about the last ten visitors to your online store. You probably picture ten people browsing on their phones or laptops.
SecurityWeek

Fortinet Patches Exploited FortiCloud SSO Authentication Bypass

Fortinet has released patches for CVE-2026-24858, an authentication bypass exploited in the wild to compromise devices.
The Hacker News

SolarWinds Fixes Four Critical Web Help Desk Flaws With Unauthenticated RCE and Auth Bypass

SolarWinds fixed six Web Help Desk vulnerabilities, including four critical flaws that allow unauthenticated remote code execution.
CSO Online

Critical RCE bugs expose the n8n automation platform to host‑level compromise

A JavaScript sandbox bug rated CVSS 9.9 enables attackers to bypass AST‑based protections, while a Python execution bypass ...
CSO Online

Critical bug in popular vm2 Node.js sandboxing library puts projects at risk

Sandbox escape vulnerability in vm2, used by nearly 900 NPM packages, allows attackers to bypass security protections and ...
Oneindia

Ramadevi Nunna Optimises Financial Content Management And Rating Systems

Senior Data Engineer Ramadevi Nunna develops a secure web-based content management system to streamline financial ratings and ...
Que.com on MSN

China-linked hackers deploy PeckBirdy JavaScript C2 framework since 2023

Since 2023, multiple security investigations have highlighted a growing trend in which China-linked threat actors increasingly rely on lightweight, stealthy ...