The Hacker News

Critical n8n Flaw (CVSS 9.9) Enables Arbitrary Code Execution Across Thousands of Instances

Critical n8n flaw CVE-2025-68613 (CVSS 9.9) lets authenticated users run arbitrary code; versions 0.211.0–1.120.4 affected, ...
The Hacker News

Active Attacks Exploit Gladinet's Hard-Coded Keys for Unauthorized Access and Code Execution

Huntress reports active attacks abusing Gladinet’s fixed cryptographic keys to forge tickets and gain remote code execution ...

New critical WatchGuard Firebox firewall flaw exploited in attacks

WatchGuard has warned customers to patch a critical, actively exploited remote code execution (RCE) vulnerability in its ...
Security Boulevard

Real Attacks of the Week: How Spyware Beaconing and Exploit Probing Are Shaping Modern ...

Over the past week, enterprise security teams observed a combination of covert malware communication attempts and aggressive probing of publicly exposed infrastructure. These incidents, detected ...

Google links more Chinese hacking groups to React2Shell attacks

Over the weekend, ​Google's threat intelligence team linked five more Chinese hacking groups to attacks exploiting the ...
CSO Online

Gladinet servers file-sharing servers allow remote code execution

Static AES keys are enabling attackers to decrypt access tokens and reach remote code execution, triggering urgent patch ...
SecurityWeek

WatchGuard Patches Firebox Zero-Day Exploited in the Wild

WatchGuard warns that the critical Firebox vulnerability CVE-2025-14733 has been exploited in attacks for remote code ...
CSO Online

HPE OneView vulnerable to remote code execution attack

An unauthenticated user can execute the attack, and there’s no mitigation, just a hotfix that should be applied immediately.
ExtremeTech

LastPass exploit allows remote code execution and password theft

LastPass bills itself as a way to simplify your life by storing all your passwords and account details in one place. However, it's looking a little less convenient now, as the service deals with its ...