Security

Critical n8n Vulnerabilities Enable Remote Code Execution and Exposure of Stored Credentials

Cybersecurity researchers have revealed details about multiple serious vulnerabilities in the n8n workflow automation platform, including two critical flaws that could allow attackers to execute arbitrary commands on affected systems. The vulnerabilities have already been patched, but security experts warn that systems running older versions may remain vulnerable. Key Vulnerabilities Identified Researchers identified two major security […]

Critical n8n Vulnerabilities Enable Remote Code Execution and Exposure of Stored Credentials Read More »

CISA Known Exploited Vulnerabilities Catalog logo

CISA Warns of Actively Exploited Vulnerabilities in SolarWinds, Ivanti, and Workspace One

The Cybersecurity and Infrastructure Security Agency (CISA) has officially added three newly identified security vulnerabilities affecting SolarWinds, Ivanti, and Omnissa products to its Known Exploited Vulnerabilities (KEV) catalog after confirming that attackers are actively exploiting them. The KEV catalog is maintained by CISA to highlight vulnerabilities that are currently being used in real world cyber attacks, allowing organizations to prioritize patching

CISA Warns of Actively Exploited Vulnerabilities in SolarWinds, Ivanti, and Workspace One Read More »

Hikvision

CISA Adds Critical Hikvision and Rockwell Automation CVSS 9.8 Vulnerabilities to KEV Catalog

The U.S. Cybersecurity and Infrastructure Security Agency has added two high severity vulnerabilities affecting Hikvision and Rockwell Automation products to its Known Exploited Vulnerabilities (KEV) catalog after confirming evidence that the flaws are being actively exploited. Both vulnerabilities carry a CVSS score of 9.8, indicating a critical level of risk for affected systems. Vulnerability Affecting Hikvision Devices The first vulnerability, tracked as CVE-2017-7921,

CISA Adds Critical Hikvision and Rockwell Automation CVSS 9.8 Vulnerabilities to KEV Catalog Read More »

Europol flow chat

FBI and Europol Shut Down LeakBase Forum Used for Trading Stolen Credentials

International law enforcement agencies have successfully dismantled LeakBase, a notorious online marketplace widely used by cybercriminals to trade stolen credentials and hacking resources. The coordinated crackdown was led by the Federal Bureau of Investigation and Europol as part of a multinational cybercrime investigation. Authorities confirmed that the website leakbase[.]la has been seized. Visitors attempting to access the platform now encounter an official

FBI and Europol Shut Down LeakBase Forum Used for Trading Stolen Credentials Read More »

CISA Includes Actively Exploited VMware Aria Operations Flaw CVE-2026-22719 in KEV Catalog

The U.S. Cybersecurity and Infrastructure Security Agency has added a newly disclosed VMware vulnerability to its Known Exploited Vulnerabilities catalog after reports indicated real world abuse. The flaw, tracked as CVE-2026-22719, affects Broadcom VMware Aria Operations and carries a CVSS score of 8.1, classifying it as high severity. Command Injection Risk Enables Remote Code Execution According to

CISA Includes Actively Exploited VMware Aria Operations Flaw CVE-2026-22719 in KEV Catalog Read More »

Google Introduces Merkle Tree Certificates to Support Quantum Resistant HTTPS in Chrome

Google has unveiled a new initiative within its Chrome browser aimed at strengthening HTTPS security against the long term threat of quantum computing. The move represents a significant step toward building a quantum-resistant internet without sacrificing speed or scalability. In a statement from the Chrome Secure Web and Networking Team, Google clarified that it does

Google Introduces Merkle Tree Certificates to Support Quantum Resistant HTTPS in Chrome Read More »

Apple Tests End to End Encrypted RCS Messaging in iOS 26.4 Developer Beta

Apple has rolled out a new developer beta of iOS and iPadOS that introduces end-to-end encryption, E2EE, for Rich Communication Services (RCS) messaging. The capability is currently available in iOS 26.4 and iPadOS 26.4 beta builds and is expected to reach general users in a future software release across iOS, iPadOS, macOS, and watchOS. In its

Apple Tests End to End Encrypted RCS Messaging in iOS 26.4 Developer Beta Read More »

Microsoft Warns of Python Infostealers Targeting macOS Through Fake Ads and Installers

Microsoft has issued a warning that information stealing malware campaigns are rapidly expanding beyond Windows systems and increasingly targeting Apple macOS environments. According to the company, attackers are using cross platform programming languages such as Python and abusing trusted advertising and software distribution platforms to scale these attacks. Researchers from the Microsoft Defender Security Research

Microsoft Warns of Python Infostealers Targeting macOS Through Fake Ads and Installers Read More »

Docker Patches Critical Ask Gordon AI Vulnerability Allowing Code Execution via Image Metadata

Cybersecurity researchers have revealed a serious vulnerability affecting Ask Gordon, the AI assistant integrated into Docker Desktop and Docker CLI, that could allow attackers to execute code and steal sensitive information. The flaw, dubbed DockerDash by Noma Labs, was fixed in Docker version 4.50.0 released in November 2025. How DockerDash Works According to Sasi Levi, lead security researcher

Docker Patches Critical Ask Gordon AI Vulnerability Allowing Code Execution via Image Metadata Read More »

Researchers Discover 341 Malicious ClawHub Skills Stealing Data from OpenClaw Users

A recent security audit of ClawHub, the marketplace for OpenClaw skills, has uncovered 341 malicious skills among 2,857 reviewed entries, revealing new supply chain threats for OpenClaw users. The analysis was conducted by Koi Security with the assistance of an OpenClaw bot named Alex. ClawHub is designed to help OpenClaw users discover and install third-party

Researchers Discover 341 Malicious ClawHub Skills Stealing Data from OpenClaw Users Read More »