Two fake spellchecker packages on PyPI hid a Python RAT in dictionary files, activating malware on import in version 1.2.0.

Researchers disclosed two n8n vulnerabilities that let authenticated users bypass JavaScript and Python sandboxes to run ...

Two vulnerabilities in n8n’s sandbox mechanism could be exploited for remote code execution (RCE) on the host system.

A JavaScript sandbox bug rated CVSS 9.9 enables attackers to bypass AST‑based protections, while a Python execution bypass ...

A new around of vulnerabilities in the popular AI automation platform could let attackers hijack servers and steal ...

A critical sandbox escape vulnerability in Grist-Core has been disclosed that allows remote code execution (RCE) through a ...

Two vulnerabilities in the n8n workflow automation platform could allow attackers to fully compromise affected instances, access sensitive data, and execute arbitrary code on the underlying host.

Two critical security flaws in n8n have exposed sandboxing vulnerabilities, enabling remote code execution for attackers ...

Hackers are hunting for vulnerable endpoints to deploy Python malware.

Internet security watchdog Shadowserver tracks nearly 800,000 IP addresses with Telnet fingerprints amid ongoing attacks exploiting a critical authentication bypass vulnerability in the GNU InetUtils ...

The attack consists of a NexShield malicious browser extension, a social engineering technique to crash the browser, and a ...

A malicious extension impersonating an ad blocker forces repeated browser crashes before pushing victims to run ...