The Hacker News

New n8n Vulnerability (9.9 CVSS) Lets Authenticated Users Execute System Commands

Critical n8n flaw CVE-2025-68668 allows authenticated users to run system commands via workflows; affects versions 1.0.0 to ...
Comic Book Movie

WONDER MAN TV Spot Sees Simon Williams Set Out To Save Hollywood (Where Superpowers Are Banned)

A newly released 30-second preview for Marvel Television's Wonder Man finds Simon Williams tasked with saving Hollywood, ...
Dark Reading

Critical 'MongoBleed' Bug Under Active Attack, Patch Now

The memory leak security vulnerability allows unauthenticated attackers to extract passwords and tokens from MongoDB servers.
Kenyans.co.ke

Security Experts Reveal New Trick Used by Thieves to Bypass CCTV Systems

Weak passwords, default logins, and unpatched software can allow thieves or accomplices to access cameras remotely, delete ...

Rising digital fraud pushes banks to give customers more control over online transactions

In response to this growing threat, Axis Bank has rolled out a new feature called ‘Safety Centre’ on its mobile banking app ...
Security Boulevard

Top CVEs of December 2025

December 2025 was a brutal reality check for security teams. While most were winding down for the holidays, threat actors weaponized a tectonic shift in the landscape, headlined by the... The post Top ...
GovInfoSecurity

75,000 MongoDBs Exposed as Attackers Exploit 'MongoBleed'

Tens of thousands of internet-exposed MongoDB databases are at risk as attackers actively target a critical vulnerability in ...
The Register on MSN

An early end to the holidays: 'Heartbleed of MongoDB' is now under active exploit

You didn't think you'd get to enjoy your time off without a major cybersecurity incident, did you? A high-severity MongoDB Server vulnerability, for which proofs of concept emerged over Christmas week ...

Security updates: Various attacks on Qnap NAS possible

As indicated in the security section of the Qnap website, the vulnerabilities affect License Center, MARS, Qfiling, Qfinder ...

MetaMask Users Under Attack: Fake 2FA Scam Draining Wallets in Seconds

Scammers are targeting MetaMask users with fake "2FA security verification" pages that mimic official alerts. The phishing ...

CISA orders feds to patch MongoBleed flaw exploited in attacks

CISA ordered U.S. federal agencies to patch an actively exploited MongoDB vulnerability (MongoBleed) that can be exploited to ...

Binance-owned Trust Wallet hit by $7 million hack

The Binance-owned Trust Wallet suffered a hack that led to the loss of about $7 million, with efforts underway to compensate ...