The Hacker News

Critical n8n Flaw (CVSS 9.9) Enables Arbitrary Code Execution Across Thousands of Instances

Critical n8n flaw CVE-2025-68613 (CVSS 9.9) lets authenticated users run arbitrary code; versions 0.211.0–1.120.4 affected, ...
GIGAZINE

Possible remote code execution exploit in Apex Legends, professional players targeted during tournaments

Electronic Arts (EA), which operates the battle royale FPS 'Apex Legends,' has announced that it will postpone the North American finals of the official tournament 'Apex Legends Global Series (ALGS).' ...
The Hacker News

Active Attacks Exploit Gladinet's Hard-Coded Keys for Unauthorized Access and Code Execution

Huntress reports active attacks abusing Gladinet’s fixed cryptographic keys to forge tickets and gain remote code execution ...

Cyata flags agentic AI supply-chain risk in Cursor remote code execution bug

A new report out today from artificial intelligence security startup Cyata Security Ltd. details a critical remote code ...

New critical WatchGuard Firebox firewall flaw exploited in attacks

WatchGuard has warned customers to patch a critical, actively exploited remote code execution (RCE) vulnerability in its ...
Security Boulevard

Real Attacks of the Week: How Spyware Beaconing and Exploit Probing Are Shaping Modern Intrusions

Over the past week, enterprise security teams observed a combination of covert malware communication attempts and aggressive probing of publicly exposed infrastructure. These incidents, detected ...
CSO Online

HPE OneView vulnerable to remote code execution attack

An unauthenticated user can execute the attack, and there’s no mitigation, just a hotfix that should be applied immediately.
CSO Online

Gladinet servers file-sharing servers allow remote code execution

Static AES keys are enabling attackers to decrypt access tokens and reach remote code execution, triggering urgent patch ...

Remote Maintenance ScreenConnect: Critical vulnerability allows code execution

In the remote maintenance software Connectwise ScreenConnect, authenticated attackers can inject malicious code. An update is ...
GIGAZINE

Exploit ``LogoFAIL'' has been discovered that allows arbitrary code execution by replacing the logo image displayed in UEFI when starting a PC, targets Windows and Linux and ...

Security company Binarly has announced an exploit called LogoFAIL that attacks 24 vulnerabilities found in UEFI related to booting devices running Windows or Linux. The 'Logo' in LogoFAIL comes from ...