The Hacker News

Critical AdonisJS Bodyparser Flaw (CVSS 9.2) Enables Arbitrary File Write on Servers

A critical CVSS 9.2 flaw in AdonisJS bodyparser lets attackers write arbitrary files via path traversal when uploads are ...

NordVPN Hack Claim — Is Your Data Secure? Here’s What Really Happened

NordVPN, which has a 17% VPN market share in the U.S., has issued a security update following claims of a hack attack and ...
InfoWorld

Open WebUI bug turns the ‘free model’ into an enterprise backdoor

The bug allows attacker-controlled model servers to inject code, steal session tokens, and, in some cases, escalate to remote ...
Infosecurity Magazine

High-Severity Flaw in Open WebUI Affects AI Connections

The flaw, tracked as CVE-2025-64496 and discovered by Cato Networks researchers, impacts Open WebUI versions 0.6.34 and older ...
The Hacker News

New n8n Vulnerability (9.9 CVSS) Lets Authenticated Users Execute System Commands

Critical n8n flaw CVE-2025-68668 allows authenticated users to run system commands via workflows; affects versions 1.0.0 to ...

The Best Security Lessons Often Come From The Toughest Customers

Many companies learn too late that enterprise-grade security requirements are actually a blueprint for building stronger ...

8 fundamental AI security best practices for teams in 2026

Vanta reports on eight essential AI security best practices for organizations to mitigate risks and ensure safe AI adoption ...