Critical vulnerability in automation tool: n8n allows code smuggling

The popular tool for creating no-code workflows has four critical vulnerabilities, one with the highest score. Admins should ...
InfoWorld

GitHub rolls out AI-powered fixes for code vulnerabilities

Copilot Autofix, a new addition to the GitHub Advanced Security service, analyzes vulnerabilities in code and offers code suggestions to help developers fix them. GitHub has unveiled Copilot Autofix, ...

zlib: Critical vulnerability in untgz tool allows code smuggling – no update yet

A critical vulnerability in the zlib library, included in many operating systems and programs, allows code smuggling.
CSOonline

Critical flaw in AI agent dev tool Langflow under active exploitation

Researchers from security firm Trend Micro warn that a critical remote code execution vulnerability patched in April in the Langflow AI agent framework is being exploited to deploy botnet malware. The ...

OWASP Names Latest Top 10 Application Vulnerabilities

The Open Worldwide Application Security Project (OWASP) has unveiled its latest top 10 vulnerabilities list, and it contains ...
CSOonline

Open source vulnerability scanner found with a serious vulnerability in its own code

The flaw could allow attackers to bypass Nuclei’s template signature verification process to inject malicious codes into host systems. A widely popular open-source tool, Nuclei, used for scanning ...