The Hacker News

Critical n8n Flaw CVE-2026-25049 Enables System Command Execution via Malicious Workflows

Critical n8n v CVE-2026-25049 allows authenticated workflow abuse to execute system commands and expose server data.
ZDNet

Trend Micro password manager had remote command execution holes and dumped data to anyone: Project Zero

A password management tool installed by default alongside Trend Micro AntiVirus was found vulnerable to remote code execution thanks to the work of Google's Project Zero security team. Discovered by ...
CSO Online

North Korean actors blend ClickFix with new macOS backdoors in Crypto campaign

The campaign used a compromised Telegram account, a fake Zoom meeting, and AI-assisted deception to trick victims into ...
Computer Weekly

Researchers delve inside new SolarWinds RCE attack chain

Researchers at Huntress and Microsoft have shared findings from their analysis of a new SolarWinds Web Help Desk vulnerability.
Bleeping Computer

Hackers target Apache RocketMQ servers vulnerable to RCE attacks

Security researchers are detecting hundreds of IP addresses on a daily basis that scan or attempt to exploit Apache RocketMQ services vulnerable to a remote command execution flaw identified as ...
Threat Post

ASUS Patches Root Command Execution Flaws Haunting Over a Dozen Router Models

ASUS patched a bug that allowed attackers to pair two vulnerabilities to gain direct router access and execute commands as root. ASUS released patches for over a dozen router models on Tuesday that ...
Hackaday

Linux-Fu: Running Commands

One of the things that makes Linux and Unix-like systems both powerful and frustrating is that there are many ways to accomplish any particular goal. Take something simple like running a bunch of ...