The Hacker News

HPE OneView Flaw Rated CVSS 10.0 Allows Unauthenticated Remote Code Execution

HPE patched a critical OneView vulnerability with CVSS 10.0 that could allow unauthenticated remote code execution in ...
The Hacker News

Critical n8n Flaw (CVSS 9.9) Enables Arbitrary Code Execution Across Thousands of Instances

Critical n8n flaw CVE-2025-68613 (CVSS 9.9) lets authenticated users run arbitrary code; versions 0.211.0–1.120.4 affected, ...

New critical WatchGuard Firebox firewall flaw exploited in attacks

WatchGuard has warned customers to patch a critical, actively exploited remote code execution (RCE) vulnerability in its ...

HPE warns of maximum severity RCE flaw in OneView software

Hewlett Packard Enterprise (HPE) has patched a maximum-severity vulnerability in its HPE OneView software that enables ...

Cyata flags agentic AI supply-chain risk in Cursor remote code execution bug

A new report out today from artificial intelligence security startup Cyata Security Ltd. details a critical remote code ...
SecurityWeek

HPE Patches Critical Flaw in IT Infrastructure Management Software

HPE has released patches for a critical-severity OneView vulnerability that could lead to unauthenticated remote code ...
Security Boulevard

Best of 2025: LDAPNightmare: SafeBreach Labs Publishes First Proof-of-Concept Exploit for ...

SafeBreach researchers developed a zero-click PoC exploit that crashes unpatched Windows Servers using the Windows ...
Security Boulevard

Denial-of-Service and Source Code Exposure in React Server Components

In early December 2025, the React core team disclosed two new vulnerabilities affecting React Server Components (RSC). These issues – Denial-of-Service and Source Code Exposure were found by security ...
moneycontrol.com

Chrome remote code execution flaw: CERT-In issues high-severity warning for desktop users

According to the advisory, the issue impacts Google Chrome versions prior to 142.0.7444.162/163 on Windows and versions prior to 142.0.7444.162 on Linux and macOS. The vulnerability stems from ...
GIGAZINE

Possible remote code execution exploit in Apex Legends, professional players targeted ...

Electronic Arts (EA), which operates the battle royale FPS 'Apex Legends,' has announced that it will postpone the North American finals of the official tournament 'Apex Legends Global Series (ALGS).' ...