The Hacker News

Critical n8n Vulnerability (CVSS 10.0) Allows Unauthenticated Attackers to Take Full Control

A critical CVSS 10.0 vulnerability in n8n allows unauthenticated attackers to read files, bypass authentication, and gain ...

Apache StreamPipes Flaw Lets Anyone Become Admin

Sometimes a breach doesn’t kick down the front door. It just changes the name on the badge.
Hosted on MSN

ChatGPT hit by a zero-click, server-side vulnerability that criminals can use to siphon sensitive data - here's how to stay safe

Enterprises are increasingly using AI tools such as ChatGPT’s Deep Research agent to analyze emails, CRM data, and internal reports for strategic decision-making, experts have warned. These platforms ...

Cisco warns of Identity Service Engine flaw with exploit code

Cisco has patched an ISE vulnerability with public proof-of-concept exploit code that can be abused by attackers with admin ...

CISA Orders Urgent Patching Of Actively Exploited MongoDB Flaw

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent directive ordering federal agencies to ...
The Hacker News

MongoDB Vulnerability CVE-2025-14847 Under Active Exploitation Worldwide

A critical MongoDB flaw, CVE-2025-14847, is under active exploitation, allowing unauthenticated data leaks from 87,000+ ...
Security

Cequence discovers critical vulnerability in IT infrastructure of large food and drug retailer

Cequence Security announced that its CQ Prime Threat Research Team has identified a critical vulnerability within one of the largest food and drug retailers’ IT infrastructure affecting four ...

US and Australian agencies warn MongoBleed vulnerability in MongoDB is under active exploitation

US and Australian agencies warn MongoBleed vulnerability in MongoDB is under active exploitation - SiliconANGLE ...