The Hacker News

Critical n8n Flaws Allow Remote Code Execution and Exposure of Stored Credentials

Two critical n8n flaws (CVSS 9.4, 9.5) enable RCE via expression sandbox escape and public forms, risking credential exposure ...

CISA orders feds to patch n8n RCE flaw exploited in attacks

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ordered government agencies on Wednesday to patch their systems against an actively exploited n8n vulnerability.
The Hacker News

Dozens of Vendors Patch Security Flaws Across Enterprise Software and Network Devices

SAP patches two critical flaws (CVSS 9.8, 9.1) affecting FS-QUO and NetWeaver, preventing remote code execution risks in enterprise systems.

Microsoft's 'Patch Tuesday' for March addresses two zero-day flaws

Neither of the zero-day vulnerabilities has been actively exploited in the wild.

Claude collaboration tools left the door wide open to remote code execution

Anthropic fixed the flaws – but the AI-enabled attack surfaces remain Security vulnerabilities in Claude Code could have allowed attackers to remotely execute code on users' machines and steal API ...

Android's Advanced Protection Mode may soon disable a key Chrome feature to boost security

Google may allow users to disable WebGPU in Chrome via Android Advanced Protection Mode to shield users from sophisticated online attacks.

Watch out Microsoft Teams users - hackers are spreading a dangerous new phishing scam

Hackers are pretending to be solving a spam problem but are actually deploying backdoors.
SiliconANGLE

Now-patched Azure vulnerability opened the door to remote code execution

Cloud cybersecurity startup Orca Security Ltd. today detailed the discovery of a previously unknown vulnerability in Microsoft Corp.’s Azure that allowed hackers to undertake remote code execution.