The Hacker News

Critical n8n Flaws Allow Remote Code Execution and Exposure of Stored Credentials

Two critical n8n flaws (CVSS 9.4, 9.5) enable RCE via expression sandbox escape and public forms, risking credential exposure.
The Hacker News

Veeam Patches 7 Critical Backup & Replication Flaws Allowing Remote Code Execution

Veeam fixes 7 Backup & Replication flaws, including CVSS 9.9 RCE bugs, warning attackers may exploit unpatched systems.

Critical Google Chrome Security Bug—Visiting Web Page Executes Attack

Google has confirmed CVE-2026-3913, a critical security vulnerability in Chrome. one that could enable a remote code execution attack simply by visiting a web page.

Veeam warns of critical flaws exposing backup servers to RCE attacks

Data protection company Veeam Software has patched multiple flaws in its Backup & Replication solution, including four ...
GovInfoSecurity

Malicious Repo Files Could Hijack Claude Code Sessions

Check Point research found three critical flaws in Anthropic's Claude Code that allow attackers to execute arbitrary commands and steal API keys through repository ...
SecurityWeek

Chrome 146 Update Patches Two Exploited Zero-Days

Google has rushed out a Chrome 146 security update that patches two zero-day vulnerabilities exploited in the wild.
Bleeping Computer

WordPress security plugin WP Ghost vulnerable to remote code execution bug

Popular WordPress security plugin WP Ghost is vulnerable to a critical severity flaw that could allow unauthenticated attackers to remotely execute code and hijack servers. WP Ghost is a popular ...
Ars Technica

Hundreds of e-commerce sites hacked in supply-chain attack

Hundreds of e-commerce sites, at least one owned by a large multinational company, were backdoored by malware that executes malicious code inside the browsers of visitors, where it can steal payment ...