Dark Reading

Second Round of Critical RCE Bugs in n8n Spikes Corporate Risk

A new around of vulnerabilities in the popular AI automation platform could let attackers hijack servers and steal ...
SecurityWeek

N8n Vulnerabilities Could Lead to Remote Code Execution

Two vulnerabilities in n8n’s sandbox mechanism could be exploited for remote code execution (RCE) on the host system.
CSO Online

Critical RCE bugs expose the n8n automation platform to host‑level compromise

A JavaScript sandbox bug rated CVSS 9.9 enables attackers to bypass AST‑based protections, while a Python execution bypass ...

New sandbox escape flaw exposes n8n instances to RCE attacks

Two vulnerabilities in the n8n workflow automation platform could allow attackers to fully compromise affected instances, access sensitive data, and execute arbitrary code on the underlying host.
The Hacker News

Critical vm2 Node.js Flaw Allows Sandbox Escape and Arbitrary Code Execution

A critical vm2 Node.js vulnerability (CVE-2026-22709, CVSS 9.8) allows sandbox escape via Promise handler bypass.
Cybernews

North Korea is turning open-source projects into malware traps

North Korea is doubling down on a familiar playbook by weaponizing trust in open-source software and developer workflows. The ...
CSO Online

Unplugged holes in the npm and yarn package managers could let attackers bypass defenses against Shai-Hulud

A researcher at Koi Security says the two key platforms have not plugged the vulnerabilities enabling the worm attacks, and ...
MUO on MSN

I tried running Android apps on Windows and it wasn't terrible

The surprisingly smooth way to run Android apps on Windows.

Web skimming attacks target major payment networks

Web skimming campaigns use obfuscated JavaScript code to steal credit card data from checkout pages without detection by ...

Beth Rigby: Starmer's fate could be decided by a looming crisis much closer to home

While the prime minister focuses on foreign affairs, his deputy Labour leader has a message for those frustrated with his ...
GitHub

Modern JavaScript runtime in Python

Note: jsrun is under development. Expect breaking changes between minor versions. One of the most compelling use cases for jsrun is building safe execution environments for AI agents. When LLMs ...