The Hacker News

New n8n Vulnerability (9.9 CVSS) Lets Authenticated Users Execute System Commands

Critical n8n flaw CVE-2025-68668 allows authenticated users to run system commands via workflows; affects versions 1.0.0 to ...
Dark Reading

RondoDox Botnet Expands Scope With React2Shell Exploitation

Recent attacks are targeting Next.js servers and pose a significant threat of cryptomining and other malicious activity to ...
Hit Points on MSN

Apple tells 1.8 billion iPhone users to update now over 'extremely sophisticated attack'

Apple urgently warned 1.8 billion iPhone and iPad users of two zero-day vulnerabilities under active exploitation in ...
InfoWorld

Open WebUI bug turns the ‘free model’ into an enterprise backdoor

The bug allows attacker-controlled model servers to inject code, steal session tokens, and, in some cases, escalate to remote ...

ClickFix attack uses fake Windows BSOD screens to push malware

A new ClickFix social engineering campaign is targeting the hospitality sector in Europe, using fake Windows Blue Screen of ...
Goldseiten

Homerun Resources Inc. Closes Acquisition of Additional Mineral Rights in the Santa Maria Eterna Silica Sand District

Homerun Resources Inc. is pleased to announce that further to the Company's News Release on 12, 2025, it has closed the acquisition with Pedreiras do Brasil S.A. a company controlled by Vitoria Stone, ...