SecureLayer7 Blackf0g researcher team A critical RCE vulnerability in n8n has been identified and patched. n8n’s AI ...

Google fixes actively exploited Chrome zero-day CVE-2026-2441, a high-severity CSS use-after-free flaw enabling sandboxed remote code execution.

Threat intelligence observations show that a single threat actor is responsible for most of the active exploitation of two ...

Threat actors began targeting a recently patched BeyondTrust vulnerability shortly after a proof-of-concept (PoC) exploit was released.

CISA has expanded its KEV catalog with new SolarWinds, Notepad++, and Apple flaws, including two exploited as zero-days.

Learn how CVE-2026-1281 and CVE-2026-1340 enable pre-auth RCE in Ivanti EPMM, now actively exploited, and how AppTrana helps block attacks across applications. The post CVE-2026-1281 & CVE-2026-1340: ...

It's time to phase out the "patch and pray" approach, eliminate needless public interfaces, and enforce authentication ...

A critical pre-authentication remote code execution vulnerability in BeyondTrust Remote Support and Privileged Remote Access appliances is now being exploited in attacks after a PoC was published ...

Threat intelligence firm GreyNoise said it recorded 417 exploitation sessions from 8 unique source IP addresses between ...

Microsoft has patched the Windows Notepad remote code execution vulnerability CVE-2026-20841, warning users to install February 2026 updates to block exploits.

In the second half of December 2025, n8n’s developers released CVE-2025-68613, a patch for a critical Remote Code Execution ...

An authenticated attacker (using the account created in step 1) can execute arbitrary OS commands as root via crafted HTTP requests. By combining these two vulnerabilities, an attacker can go from ...