The Hacker News

New n8n Vulnerability (9.9 CVSS) Lets Authenticated Users Execute System Commands

Critical n8n flaw CVE-2025-68668 allows authenticated users to run system commands via workflows; affects versions 1.0.0 to ...
SecurityWeek

CISA KEV Catalog Expanded 20% in 2025, Topping 1,480 Entries

The CISA KEV catalog was expanded with 245 vulnerabilities in 2025, including 24 flaws exploited by ransomware groups.
Dark Reading

Critical 'MongoBleed' Bug Under Active Attack, Patch Now

The memory leak security vulnerability allows unauthenticated attackers to extract passwords and tokens from MongoDB servers.
Security Boulevard

Best of 2025: Google Gemini AI Flaw Could Lead to Gmail Compromise, Phishing

Researchers discovered a security flaw in Google's Gemini AI chatbot that could put the 2 billion Gmail users in danger of being victims of an indirect prompt injection attack, which could lead to ...