The Hacker News

Critical n8n Flaws Allow Remote Code Execution and Exposure of Stored Credentials

Two critical n8n flaws (CVSS 9.4, 9.5) enable RCE via expression sandbox escape and public forms, risking credential exposure ...
Bleeping Computer

New PhantomRaven NPM attack wave steals dev data via 88 packages

New attack waves from the ‘PhantomRaven’ supply-chain campaign are hitting the npm registry, with dozens of malicious packages that exfiltrate sensitive data from JavaScript developers. The campaign ...
decrypt

Android Phone Crypto Wallets Could Be at Risk Due to MediaTek Exploit: Ledger

Add Decrypt as your preferred source to see more of our stories on Google. Ledger researchers say a flaw in certain MediaTek-powered Android phones could expose encrypted user data in about 45 seconds ...