CSO Online

Critical RCE bugs expose the n8n automation platform to host‑level compromise

A JavaScript sandbox bug rated CVSS 9.9 enables attackers to bypass AST‑based protections, while a Python execution bypass ...
PCQuest on MSN

One command, full recon: Why AutoPentestX matters for Linux pentesters

Many times when performing penetration tests, there is no lack of tools for conducting penetration testing, but rather the issue relates to performing penetration testing in a fractured way.
Microsoft

Infostealers without borders: macOS, Python stealers, and platform abuse

How modern infostealers target macOS systems, leverage Python‑based stealers, and abuse trusted platforms and utilities to distribute credential‑stealing payloads.
LinuxInsider

Weaponized Python and Linux Malware Target Executives and Cloud Systems

Two malware campaigns weaponize open-source software to target executives and cloud systems, combining social engineering ...

New sandbox escape flaw exposes n8n instances to RCE attacks

Two vulnerabilities in the n8n workflow automation platform could allow attackers to fully compromise affected instances, access sensitive data, and execute arbitrary code on the underlying host.
WinBuzzer

ChatGPT’s Code Execution Containers Gain Bash Support and Multi-Language Code

ChatGPT has quietly gained bash support and multi-language capabilities, enabling users to run commands and install packages in containers without official announcements.