Two critical n8n flaws (CVSS 9.4, 9.5) enable RCE via expression sandbox escape and public forms, risking credential exposure.

Splunk systems are at risk from a remote command execution (RCE) vulnerability. Tracked as CVE-2026-20163, the flaw allows bad actors to carry out arbitrary shell commands directly on the host ...

We review the Soliom S90 Solar Powered Wireless 1080p hd Security camera used for off grid rv and vanlife remote boondocking.

Attackers are using fake Claude Code install pages and malicious search ads to spread infostealer malware targeting Windows ...

The Contagious Interview campaign weaponizes job recruitment to target developers. Threat actors pose as recruiters from crypto and AI companies and deliver backdoors such as OtterCookie and ...

ThreatDown, the corporate business unit of Malwarebytes, today published research documenting what researchers believe to be the first documented case of attackers abusing the Deno JavaScript runtime ...

Two critical-severity n8n vulnerabilities could have led to unauthenticated remote code execution, sandbox escape, and credential theft.

Researchers at Endor Labs uncovered 88 new packages tied to new waves of the campaign, which uses remote dynamic dependencies to deliver credential-stealing malware.

New ClickFix variant maps WebDAV drive to run trojanized WorkFlowy app, enabling stealth C2 beacon and payload delivery.

Hackers have a new tool called ClickFix. The new attack vector combines fake human-verification prompts with malware, trying to trick users into running Terminal commands that bypass macOS security.

Unauthenticated password reset vulnerability in widely deployed enterprise switching hardware carries a near-maximum severity score.

Fortinet, Ivanti, and Intel have released fixes for dozens of vulnerabilities, including high-severity bugs leading to code execution.