CSO Online

Critical flaw in HPE Aruba CX switches lets attackers seize admin control without credentials

Unauthenticated password reset vulnerability in widely deployed enterprise switching hardware carries a near-maximum severity score.
The Hacker News

Critical n8n Flaws Allow Remote Code Execution and Exposure of Stored Credentials

Two critical n8n flaws (CVSS 9.4, 9.5) enable RCE via expression sandbox escape and public forms, risking credential exposure ...
CSO Online

CISA warns of actively exploited Ivanti EPM and Cisco SD-WAN flaws

Patched vulnerabilities in Ivanti Endpoint Manager and Cisco Catalyst SD-WAN are under attack, according to the US security agency, which added reporting requirements to its previous Cisco directive.
SecurityWeek

Cisco Patches Critical Vulnerabilities in Enterprise Networking Products

Cisco has fixed 48 vulnerabilities in Firewall ASA, Secure FMC, and Secure FTD appliances, including two critical-severity bugs.
HealthcareInfoSecurity

Context7 Flaw Let Attackers Slip Commands to AI Agents

Security researchers at Noma Labs found a critical flaw in Context7, a widely used tool that feeds AI coding assistants documentation, allowing attackers to plant ...