CSO Online

Critical RCE flaw allows full takeover of n8n AI workflow platform

A compromised n8n instance doesn’t just mean losing one system — it means handing attackers the keys to everything,’ security ...
SecurityWeek

Vulnerability in Totolink Range Extender Allows Device Takeover

A vulnerability in Totolink EX200 leads to the launch of an unauthenticated root-level Telnet service, allowing complete ...
The Hacker News

Critical n8n Vulnerability (CVSS 10.0) Allows Unauthenticated Attackers to Take Full Control

A critical CVSS 10.0 vulnerability in n8n allows unauthenticated attackers to read files, bypass authentication, and gain ...

Critical macOS Flaw Lets Attackers Bypass Apple Privacy Controls Without Consent

A newly disclosed macOS vulnerability bypasses Apple’s TCC privacy controls, allowing silent access to files, microphone data ...

Max severity Ni8mare flaw lets hackers hijack n8n servers

A maximum severity vulnerability dubbed "Ni8mare" allows remote, unauthenticated attackers to take control over locally ...
Microsoft

Phishing actors exploit complex routing and misconfigurations to spoof domains

Threat actors are exploiting complex routing scenarios and misconfigured spoof protections to send spoofed phishing emails, ...

ownCloud urges users to enable MFA after credential theft reports

File-sharing platform ownCloud warned users today to enable multi-factor authentication (MFA) to block attackers using ...
SecurityWeek

Several Code Execution Flaws Patched in Veeam Backup & Replication

CISA’s Known Exploited Vulnerabilities (KEV) catalog includes four weaknesses found in the product in recent years, including ...