CSO Online

Critical RCE bugs expose the n8n automation platform to host‑level compromise

A JavaScript sandbox bug rated CVSS 9.9 enables attackers to bypass AST‑based protections, while a Python execution bypass ...
SecurityWeek

Ivanti Patches Exploited EPMM Zero-Days

Ivanti has patched CVE-2026-1281 and CVE-2026-1340, two Endpoint Manager Mobile (EPMM) flaws exploited as zero-days.
WeLiveSecurity

Love? Actually: Fake dating app used as lure in targeted spyware campaign in Pakistan

ESET researchers discover an Android spyware campaign targeting users in Pakistan via romance scam tactics, revealing links to a broader spy operation.

GTA: San Andreas's Original PC Version Can Now Be Beaten in Just an Hour Thanks to the Weirdest Skip You've Ever Seen

Straight to the End of the Line.
The Register on MSNOpinion

Critical React Native Metro dev server bug under attack as researchers scream into the void

Too slow react-ion time Baddies are exploiting a critical bug in React Native's Metro development server to deliver malware ...
The Hacker News

⚡ Weekly Recap: Proxy Botnet, Office Zero-Day, MongoDB Ransoms, AI Hijacks & New Threats

This week’s cybersecurity recap highlights key attacks, zero-days, and patches to keep you informed and secure.

CERT-In Asks macOS, Google Chrome Users to Install Updates That Address Security Flaws ...

The alerts highlight security flaws in Apple’s productivity apps and Google’s Chrome browser for desktop computers.