CSO Online

Critical jsPDF vulnerability enables arbitrary file read in Node.js deployments

The path traversal bug allows attackers to include arbitrary filesystem content in generated PDFs when file paths are not ...

Court blocks ‘arbitrary and capricious’ changes to FEMA grants

The U.S. District Court for the District of Oregon blocked the Trump administration from withholding grant money from states ...
The Hacker News

Critical AdonisJS Bodyparser Flaw (CVSS 9.2) Enables Arbitrary File Write on Servers

A critical CVSS 9.2 flaw in AdonisJS bodyparser lets attackers write arbitrary files via path traversal when uploads are ...
The Hacker News

Critical n8n Vulnerability (CVSS 10.0) Allows Unauthenticated Attackers to Take Full Control

A critical CVSS 10.0 vulnerability in n8n allows unauthenticated attackers to read files, bypass authentication, and gain ...
Nanowerk

Metasurface chip turns 3D coordinates into encryption keys for holographic storage

A chip smaller than one square millimeter stores 160 holographic images at arbitrary 3D coordinates, with each spatial ...
Dark Reading

Attackers Exploit Zero-Day in End-of-Life D-Link Routers

"The affected endpoint is also associated with unauthenticated DNS modification ("DNSChanger") behavior documented by D-Link, ...
Infosecurity Magazine

Maximum Severity “Ni8mare” Bug Lets Hackers Hijack n8n Servers

A newly discovered vulnerability in authentication platform n8n could allow threat actors to take control of n8n servers ...
Live Bitcoin NewsOpinion

Bitcoin Maxis Predicted Crypto’s Existential Corporate Threat

According to Vitalik Buterin, crypto-maximalists foresaw the greatest threat to Bitcoin, which became corporate manipulation ...

AI In Fair Lending: Powerful, Messy And Too Important To Ignore

Fair lending isn't just a regulatory obligation—it’s a test of whether we can use powerful technology in a way that actually ...
SecurityWeek

Critical Vulnerability Exposes n8n Instances to Takeover Attacks

CVE-2026-21858, a critical n8n vulnerability, can be exploited for unauthenticated remote code execution, leading to instance ...
Morning Overview on MSN

IBM’s “Bob” AI can be tricked into running malware

IBM’s experimental coding assistant “Bob” was pitched as a way to automate routine development tasks, but security ...

OU professors seek answers after TA removed over grading

The American Association of University Professors at the University of Oklahoma sent a letter asking President Joseph Harroz ...