Critical n8n v CVE-2026-25049 allows authenticated workflow abuse to execute system commands and expose server data.

AWS patched a critical CodeBuild flaw that risked GitHub repository hijacking and potential supply chain attacks via the AWS ...

Patch meant to close a severe expression bug fails to stop attackers with workflow access Multiple newly disclosed bugs in ...

vm2 is a JavaScript sandbox for Node.js. Its development was actually discontinued in 2023. Another security vulnerability has been discovered in the software, allowing an escape from the secured ...

North Korea-linked Lazarus campaign spreads malicious npm and PyPI packages via fake crypto job offers, deploying RATs and ...

Microsoft has released emergency out-of-band security updates to patch a high-severity Microsoft Office zero-day vulnerability exploited in attacks. The security feature bypass vulnerability, tracked ...

This voice experience is generated by AI. Learn more. This voice experience is generated by AI. Learn more. When someone shares something deeply personal, your response matters more than you think.

A critical-severity vulnerability in the vm2 Node.js sandbox library, tracked as CVE-2026-22709, allows escaping the sandbox and executing arbitrary code on the underlying host system. The open-source ...

New York, 27 January 2026 — United Nations Secretary-General António Guterres has appointed 15 leading experts to the Independent Expert Advisory Panel for the Multidimensional Vulnerability Index ...