SecureLayer7 Blackf0g researcher team A critical RCE vulnerability in n8n has been identified and patched. n8n’s AI ...

Google fixes actively exploited Chrome zero-day CVE-2026-2441, a high-severity CSS use-after-free flaw enabling sandboxed remote code execution.

Threat intelligence observations show that a single threat actor is responsible for most of the active exploitation of two ...

Threat actors began targeting a recently patched BeyondTrust vulnerability shortly after a proof-of-concept (PoC) exploit was released.

CISA has expanded its KEV catalog with new SolarWinds, Notepad++, and Apple flaws, including two exploited as zero-days.

Learn how CVE-2026-1281 and CVE-2026-1340 enable pre-auth RCE in Ivanti EPMM, now actively exploited, and how AppTrana helps block attacks across applications. The post CVE-2026-1281 & CVE-2026-1340: ...

It's time to phase out the "patch and pray" approach, eliminate needless public interfaces, and enforce authentication ...

A critical pre-authentication remote code execution vulnerability in BeyondTrust Remote Support and Privileged Remote Access appliances is now being exploited in attacks after a PoC was published ...

Threat intelligence firm GreyNoise said it recorded 417 exploitation sessions from 8 unique source IP addresses between ...

Microsoft has patched the Windows Notepad remote code execution vulnerability CVE-2026-20841, warning users to install February 2026 updates to block exploits.

In the second half of December 2025, n8n’s developers released CVE-2025-68613, a patch for a critical Remote Code Execution ...

A spear-phishing campaign by North Korean actors is abusing a legitimate feature of Microsoft Visual Studio (VS) Code to gain full remote control of targeted systems. In the campaign, discovered by ...