Fortinet has released security updates to address a high-severity flaw in its FortiSIEM platform that could allow unauthenticated attackers to remotely execute code on affected systems. The vulnerability, tracked as CVE-2025-64155, carries a CVSS score of 9.4, placing it firmly…
Security researchers have uncovered an active malware campaign that is abusing a DLL side-loading weakness in a legitimate Windows executable linked to the open-source c-ares library. The technique allows attackers to quietly bypass security defenses and install a broad range…
n8n recently introduced a task runner-based native Python option to improve security isolation. This feature first appeared in version 1.111.0 as an optional setting and could be turned on using the environment variables N8N_RUNNERS_ENABLED and N8N_NATIVE_PYTHON_RUNNER. With the release of…
Several popular AI-driven code editors built on Visual Studio Code are raising new supply-chain security concerns after researchers found they recommend extensions that don’t actually exist in the Open VSX registry. The affected tools include VS Code forks such as…
There was a time when identity lived in one place. A single LDAP directory, an HR database, or one IAM portal handled who could access what. That reality is gone. Today, identities are scattered across SaaS platforms, on-prem systems, cloud…
I want to flag a serious security issue affecting the TOTOLINK EX200 wireless range extender that hasn’t received a fix and could leave devices fully exposed. The vulnerability was disclosed by the CERT Coordination Center and allows a remote attacker…
Trust Wallet has confirmed a security incident involving its Chrome browser extension that resulted in the loss of approximately $7 million in cryptocurrency. The breach affected users running a specific version of the extension and has prompted an urgent security…
