The Hacker News

Critical n8n Flaw (CVSS 9.9) Enables Arbitrary Code Execution Across Thousands of Instances

Critical n8n flaw CVE-2025-68613 (CVSS 9.9) lets authenticated users run arbitrary code; versions 0.211.0–1.120.4 affected, ...
The Hacker News

HPE OneView Flaw Rated CVSS 10.0 Allows Unauthenticated Remote Code Execution

HPE patched a critical OneView vulnerability with CVSS 10.0 that could allow unauthenticated remote code execution in ...

Gnosis Chain Warns of Validator Penalty Post Balancer Hack Recovery Hard Fork

M Vol. 24h: $5.64 M executed, on December 22, a governance-approved hard fork to recover around $9.4 million of the frozen ...

Sneeit WordPress RCE flaw allows hackers to add themselves as admin - here's how to stay safe

A critical flaw in a WordPress add-on was recently patched, which allows crooks to add a rogue admin account to the site.

Critical Amazon Kindle flaw could let hackers take over your account - don't fall for this

An ethical hacker discovered a Kindle exploit that could let bad actors take over your Amazon account via your Kindle.

Hackers exploit unpatched Gogs zero-day to breach 700 servers

An unpatched zero-day vulnerability in Gogs, a popular self-hosted Git service, has enabled attackers to gain remote code ...
Forbes

The WhatsApp $1 Million Hack Mystery — What You Need To Know

$1 million WhatsApp hack at Pwn2Own Ireland confirmed. October 23 should stick in the memory of smartphone users for some time to come. This is the day that the Samsung Galaxy S25 was hacked, ...
SecurityWeek

Gladinet CentreStack Flaw Exploited to Hack Organizations

Threat actors have exploited a vulnerability in Gladinet CentreStack to retrieve cryptographic keys and compromise nine ...
Bleeping Computer

Russian hackers abuse Hyper-V to hide malware in Linux VMs

The Russian hacker group Curly COMrades is abusing Microsoft Hyper-V in Windows to bypass endpoint detection and response solutions by creating a hidden Alpine Linux-based virtual machine to run ...