Security

Critical vm2 Node.js Vulnerability Allows Sandbox Escape and Arbitrary Code Execution

A critical security vulnerability has been disclosed in the widely used vm2 Node.js library, exposing systems to sandbox escape and arbitrary code execution risks. If exploited successfully, attackers could execute malicious code directly on the host operating system, completely bypassing vm2’s intended isolation mechanisms. The flaw is tracked as CVE-2026-22709 and carries a CVSS score of 9.8, placing it among the […]

Critical vm2 Node.js Vulnerability Allows Sandbox Escape and Arbitrary Code Execution Read More »

Two High Severity n8n Vulnerabilities Allow Authenticated Remote Code Execution

Cybersecurity researchers have disclosed two serious security flaws in the n8n workflow automation platform that could allow authenticated attackers to achieve remote code execution (RCE) and potentially take full control of affected environments. The vulnerabilities were discovered by the JFrog Security Research team and impact n8n’s sandboxing mechanisms for both JavaScript and Python execution. Given n8n’s deep integration across enterprise automation

Two High Severity n8n Vulnerabilities Allow Authenticated Remote Code Execution Read More »

Fake Python Spellchecker Packages on PyPI Deliver Hidden Remote Access Trojan

Cybersecurity researchers have uncovered two malicious Python packages on the Python Package Index (PyPI) that posed as legitimate spellchecking tools while secretly delivering a remote access trojan (RAT). The packages, spellcheckerpy and spellcheckpy, have since been removed, but not before they were downloaded more than 1,000 times combined. According to Aikido researcher Charlie Eriksen, the malware was concealed

Fake Python Spellchecker Packages on PyPI Deliver Hidden Remote Access Trojan Read More »

Critical Grist Core Vulnerability Enables RCE Attacks Through Spreadsheet Formulas

A severe security vulnerability has been identified in Grist-Core, the open-source self-hosted variant of the Grist relational spreadsheet-database, which could allow remote code execution (RCE). The flaw, cataloged as CVE-2026-24002 with a CVSS score of 9.1, has been dubbed Cellbreak by Cyera Research Labs. “One malicious formula can turn a spreadsheet into a Remote Code Execution (RCE) beachhead,” said security researcher Vladimir Tokarev, who

Critical Grist Core Vulnerability Enables RCE Attacks Through Spreadsheet Formulas Read More »

Experts Identify Pakistan Linked Cyber Campaigns Targeting Indian Government Entities

Cybersecurity researchers have uncovered two previously undocumented cyber campaigns targeting Indian government entities, attributed to a threat actor believed to be operating from Pakistan. The campaigns, identified by Zscaler ThreatLabz in September 2025, have been named Gopher Strike and Sheet Attack. According to researchers Sudeep Singh and Yin Hong Chang, the operations show overlaps with known Pakistan-linked APT activity, particularly

Experts Identify Pakistan Linked Cyber Campaigns Targeting Indian Government Entities Read More »

Malicious VS Code AI Extensions With 1.5 Million Installs Steal Developer Source Code

Cybersecurity researchers have uncovered two malicious Microsoft Visual Studio Code extensions that present themselves as AI-powered coding assistants but secretly collect and exfiltrate developers’ source code to servers based in China. The extensions, which together have reached more than 1.5 million installs and remain available on the official Visual Studio Marketplace, are listed as ChatGPT

Malicious VS Code AI Extensions With 1.5 Million Installs Steal Developer Source Code Read More »

Critical GNU InetUtils telnetd Vulnerability Allows Login Bypass and Root Access

A severe security vulnerability has been disclosed in the GNU InetUtils telnet daemon (telnetd) that has remained unnoticed for nearly 11 years. The flaw allows remote attackers to bypass authentication and gain root access on affected systems. Vulnerability Overview The flaw, tracked as CVE-2026-24061, carries a CVSS score of 9.8/10. It impacts all GNU InetUtils versions from 1.9.3 through

Critical GNU InetUtils telnetd Vulnerability Allows Login Bypass and Root Access Read More »

Malicious PyPI Package Masquerades as SymPy and Deploys XMRig Miner on Linux Hosts

A newly identified malicious package hosted on the Python Package Index (PyPI) has been caught impersonating the widely used SymPy library to deploy harmful payloads on Linux machines. The campaign highlights the growing risk of supply chain attacks targeting developers through trusted open source repositories. Fake Development Package Targets Python Users The malicious package, named sympy-dev,

Malicious PyPI Package Masquerades as SymPy and Deploys XMRig Miner on Linux Hosts Read More »

SmarterMail Authentication Bypass Actively Exploited Just Two Days After Patch Release

A newly discovered security vulnerability in SmarterTools SmarterMail email software is being actively exploited in real world attacks only two days after a fix was released. The rapid exploitation has raised concerns about patch awareness, disclosure practices, and the exposure of email infrastructure to credential takeover and remote code execution. Authentication Bypass Identified and Patched

SmarterMail Authentication Bypass Actively Exploited Just Two Days After Patch Release Read More »

LastPass Alerts Users About Fake Maintenance Messages Targeting Master Passwords

LastPass has issued a warning about a new phishing campaign designed to steal users’ master passwords by impersonating the popular password management service. How the Phishing Campaign Works The campaign, active since around January 19, 2026, sends emails claiming upcoming maintenance and urging users to create a local backup of their password vaults within 24 hours. The phishing emails carry subject

LastPass Alerts Users About Fake Maintenance Messages Targeting Master Passwords Read More »