The Hacker News

Critical n8n Vulnerability (CVSS 10.0) Allows Unauthenticated Attackers to Take Full Control

A critical CVSS 10.0 vulnerability in n8n allows unauthenticated attackers to read files, bypass authentication, and gain ...

Apache StreamPipes Flaw Lets Anyone Become Admin

Sometimes a breach doesn’t kick down the front door. It just changes the name on the badge.
Hosted on MSN

ChatGPT hit by a zero-click, server-side vulnerability that criminals can use to siphon sensitive data - here's how to stay safe

Enterprises are increasingly using AI tools such as ChatGPT’s Deep Research agent to analyze emails, CRM data, and internal reports for strategic decision-making, experts have warned. These platforms ...

Cisco warns of Identity Service Engine flaw with exploit code

Cisco has patched an ISE vulnerability with public proof-of-concept exploit code that can be abused by attackers with admin ...
The Hacker News

MongoDB Vulnerability CVE-2025-14847 Under Active Exploitation Worldwide

A critical MongoDB flaw, CVE-2025-14847, is under active exploitation, allowing unauthenticated data leaks from 87,000+ ...

CISA Orders Urgent Patching Of Actively Exploited MongoDB Flaw

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent directive ordering federal agencies to ...

700Credit Data Breach Exposes Sensitive Information of Millions Through Third-Party Failure

Financial technology company 700Credit has disclosed a significant data breach that resulted in the exposure of personal ...

US and Australian agencies warn MongoBleed vulnerability in MongoDB is under active exploitation

US and Australian agencies warn MongoBleed vulnerability in MongoDB is under active exploitation - SiliconANGLE ...
Nextgov

How the federal government can tackle its on-prem sensitive data dilemma

In April, cybersecurity experts and Microsoft issued urgent warnings following a surge in attacks targeting critical vulnerabilities in on-premises Microsoft Exchange and SharePoint servers, both ...